As the number of connected applications increases, user convenience makes them use the same\r\npassword, which can create vulnerabilities in an organization�s infrastructure. Therefore, those with security\r\nconcerns regarding these activities, conducted in the electronic environment, came to support the idea of Single\r\nSign-On systems, having the user in mind. This concept facilitates the authentication process to various\r\nresources available on the Internet, or locally, using a single pair of credentials, only once, so it makes the �one\r\nfor all�password, the method of writing passwords on post-it�s glued to the monitor , or keeping them stored in\r\nunsecured text files, sent into oblivion. This paper aims to make a comprehensive analysis of the infrastructure of\r\nsecurity and authentication systems on the market. On the other hand, the project presents the implementation\r\nof several open source solutions such as OpenID, NTLM in PHP or the Central Authentication Service. For the\r\napplication that uses OpenID an online store that has an administration page, to which access is restricted using\r\nOpenID credentials, was further secured by filtering these IDs in a MySQL database to prevent access to anyone\r\nhaving a valid OpenID credential. For the demonstration of NTLM enabled SSO, another website is used in which\r\naccess has been blocked to a page. For accessing the page, a valid Windows authentication credential is\r\nrequired. Both the online-shop and demonstration site for NTLM are written in PHP. In addition, the systems\r\nusing them are implemented also using PHP. For implementing the CAS demo, two Tomcat servlets have been\r\nused for demonstration purposes, additional filtering being done by an ApacheDS server.
Loading....