What's new under the SSOn?

Clément OUDOTcoudot@linagora.com

2

About the SSOpeaker

3

LemonLDAP::NG PreSSOntation

4

SSOme history

2003 2006 2010 2014

Project creation

NG version

SAMLCAS

OpenID

1.4 release

5

It's SSO simple!

User

Web Application

WebSSO Portal

1

2

3

6

CompSSOnents

CommonCommon

ManagerManager HandlerHandler

PortalPortal

Administration interface

User interactions

Applications protection

7

8

AuthenticaSSOn backends

LDAPLDAPADAD

ApacheApache SAMLSAML

CASCAS RadiusRadius OpenIDOpenID

WebIDWebID

BrowserBrowserIDID

DBIDBI

YubikeyYubikey

9

Self SSOrvice

Password Password changechange

Password Password resetreset

Login Login historyhistory

10

Identity protoSSOls gateway

SAMLSAMLCASCAS

OpenIDOpenID

11

VerSSOn 1.4

12

Bootstrap SSOkin

13

SSOelf register service

Fill a form

First nameLast nameEmail

Validate by clicking link in email

Receive login and password in email

14

use Mouse; # AweSSOme Perl

Configuration Configuration attributesattributes SessionsSessions

HandlerHandler CaptchaCaptcha

15

SSOession identifiers

MD5SHA256

8c7fef2b3820ecdea49614be7b769c62

9be0bab50d1c14b51264a7194fc2517cb25a5788e860cf672823dff434348dba

16

SAML IDP SSO initiated

11

22

IdentityProvider

ServiceProvider

http://auth.example.com/saml/singleSignOn?IDPInitiated=1&spConfKey=myserviceprovider

17

Nginx SSOpport

LUA Perl

Work in progressHandler available on GitHub

18

QueSSOtions?

19

SSOanks

RMLL Staff

RMLL Security track leaders

LemonLDAP::NG team

LINAGORA

20

SSOtay tunedhttp://lemonldap-ng.org

IRC #lemonldap-ng@freenode

http://mail.ow2.org/wws/

@lemonldapng

http://www.ohloh.net/p/lemonldap-ng

21

See you SSOn!