in reply to lwp and IFRAME
In your case, it would make sense to have the portal be the server to maintain all of the passwords. This will allow the portal to accept user logins while requesting application content with each user's login information. A major problem with this method is that you will need to ensure that the portal (or login server) is kept informed of all user changes (new users, removed users, updated passwords) for each application.
If you have control of the applications and can modify their source code, you could move all of the authentication to a separate server. This would allow users to maintain one username/password pair for all applications, and would allow the portal to request information from applications while supplying each user's authentication information retrieved from some authentication server.
My organization is in the process of moving authentication to a separate server to allow for a portal as described by novitiate, and it seems to work well--for both end users and developers. But setting up the infrastructure is taking quite a bit of effort. I would be interested in hearing about how others have tackled this problem.
|
---|