In our days more and more web-based applications are available exclusively to registered users. Authentication is, in most cases, based on the use of a username/password pair. This has several drawbacks both in terms of security and convenience. Some users have a hard time remembering what password and username they registered at any given web site, which can be an annoyance. Others reuse the same username and password across multiple sites, which can be a security hazard.
Various single sign-on technologies are posed to present a solution to these problems since they allow the user to supply credentials only one time and in one place in order to authenticate across multiple systems.
This thesis is aimed at providing an overview of various single sign-on technologies available today. Additionally, experiences are presented that were gained during the configuration and installation of a web server that is able to service such a system through the use of a public-key infrastructure.