1,685 articles and 12,534 comments as of Thursday, September 2nd, 2010

News Feed Comments

You are here: Home / Recurring Commentary / Question of the Day / EndUserSharePoint.com: Are you using Single Sign On with SharePoint?
Sunday, August 31, 2008

EndUserSharePoint.com: Are you using Single Sign On with SharePoint?

Comments: 2

This question came into the queue and I thought it was pretty interesting.

The more we explore Single Sign On in SharePoint the more ambiguous it becomes – not sure what service it actually provides. We want our users to login and to have a list of links to other applications… they click, new window opens, and they are automatically authenticated and logged in to the other system.

The more we research this, the more we are hearing it’s not possible, it’s too much work or will cost an arm and a leg. Can you shed some light on Web SSO in SharePoint? Is this doable by the common man?

This is outside the boundries of what is usually covered here, but I really like the question. If someone can provide direction and resources, I think it will be of interest to all. –  Mark

 

I recommend SharePoint resources daily on my twitter account here.

Posted by EndUserSharePoint on Sunday, August 31, 2008 at 1:00 am 
Filed under Question of the Day · Tagged with

 

Please Join the Discussion

2 Responses to “EndUserSharePoint.com: Are you using Single Sign On with SharePoint?”
  1. Tony says:
    August 31, 2008 at 10:20 am

    If you asked me this question about 2 months ago, I wouldn’t have had an answer. In a recent project though, the client wanted to use SSO.

    The out of the box SSO works great if your in a pure AD environment and all your other apps use AD, chances are though, this isn’t the case.

    The most viable SSO option turned out to be Shibboleth and a custom membership/role provider. So technically in SharePoint terms, it wasn’t SSO, it was FBA, but for the other systems, it worked just like SSO.

    The problem ends up being with office integration. Check out http://msdn.microsoft.com/en-us/library/bb975136.aspx for a solution to this, its up on codeplex.

    Good links:

    Shibboleth
    http://shibboleth.internet2.edu/

    Shibboleth and SSO info
    http://msmvps.com/blogs/obts/archive/2006/12/01/365906.aspx

    ActiveShareFS (uses Shibboleth and gives you the role/membership providers)
    http://www.9starresearch.com/activesharefs.html

    Hopefully this helps shed some light on the question, its not 100% the answer, but at least gives you some options and hopefully saves you some research.

    Reply
  2. JoeD says:
    August 31, 2008 at 2:54 pm

    As far as I know, SharePoint SSO does not provide this capability (passing credentials to other interactive web applications).

    SharePoint SSO is a service that you can use to store credentials for other servers. From my understanding, for it to provide what is described in the original question (automatically authenticate into other applications), those applications would have to know how to obtain those credentials from the SharePoint SSO service.

    We use SharePoint SSO for the following things, but the are all for functionality within SharePoint:

    - BDC: Our BDC application definition uses SSO to connect to the databases (we use it to store SQL Server logins/passwords)
    - Excel Services: Our Excel Services spreadsheets connect to SQL Server Analysis Services cubes and we store credentials to connect to the cubes in SSO
    - Data View Web Parts: DVWP (aka Data Form Web Parts) can use SSO to get credentials to connect to external databases

    Reply

Notify me of comments to this article:

Speak and you will be heard.

We check comments hourly.
If you want a pic to show with your comment, go get a gravatar!