My thesis revolves around the Single Sign-On subject, one of the latest problems in the field of User Management. A lot of frameworks and development solutions can be used to create web based applications, however in some cases they must be able to cooperate with each other.
The topic of the single sign-on is a very good example for demonstrating the possibility to set up such cooperation between different platforms. A vast number of standards exist for handling this issue, all of them approaching from different directions, trying to find solution for the occurring problems. One common point always can be found in these standards and solutions, and that is the outsourced or claim based user authentication system. I’m going to show that how is this different from the paradigm of the “classical” user authentication.
Next, some of the mentioned standards are compared, and the differences, advantages, disadvantages of each are pointed out with emphasis on the WS-Federation standard, mostly supported by Microsoft and IBM.
With the help of Windows Identity Foundation (the class library connected with ASP.NET and the Windows world) it is easy and simple to create web based applications that are able to cooperate with other Single Sign-On applications even if they have been developed on a different platform.
Finally, the system developed by me, consisting of several ASP.NET web based applications, all of them created with the help of Windows Identity Foundation and WS-Federation is presented. The system and through that the standard itself is also subjected to a series of security tests.