KNF:Single Sign On query/en: verschil tussen versies

Uit Kennisnet Developers Documentatie
Naar navigatie springen Naar zoeken springen
(Nieuwe pagina aangemaakt met '{{PageTitleCustom|title=Single Sign On query|name=Kennisnet Federation|image=true|imageurl=KNF:Hoofdpagina/en}}')
 
Regel 1: Regel 1:
 
{{PageTitleCustom|title=Single Sign On query|name=Kennisnet Federation|image=true|imageurl=KNF:Hoofdpagina/en}}
 
{{PageTitleCustom|title=Single Sign On query|name=Kennisnet Federation|image=true|imageurl=KNF:Hoofdpagina/en}}
  +
The main reason to perform an SSO query is the following scenario:
  +
  +
A user enters a website that has functionality for both anonymous and authenticated users.
  +
*For anonymous users, only limited functionality and information is available
  +
*When the user wants access to other functionality and information, he needs to be authenticated
  +
  +
To authenticate, he needs to press the “Log in” button on the website, which starts authentication process.
  +
  +
If the user in above scenario already has a valid Single Sign-On session with Entree, pressing the “Log in” button immediately logs on the user, without interaction. The requirement to press “Log in” is therefore not user friendly.
  +
  +
The desired result is that a user upon entering the website is automatically authenticated if can be detected he already has a valid SSO session.
  +
  +
This method is preferred over the ‘SAML passive authentication’. When using the SSO query, SAML passive authentication is not needed.

Versie van 17 dec 2013 11:23

KNF-symbol.png Kennisnet Federation: Single Sign On query

Nl.gif Nederlands En.gif English

The main reason to perform an SSO query is the following scenario:

A user enters a website that has functionality for both anonymous and authenticated users.

  • For anonymous users, only limited functionality and information is available
  • When the user wants access to other functionality and information, he needs to be authenticated

To authenticate, he needs to press the “Log in” button on the website, which starts authentication process.

If the user in above scenario already has a valid Single Sign-On session with Entree, pressing the “Log in” button immediately logs on the user, without interaction. The requirement to press “Log in” is therefore not user friendly.

The desired result is that a user upon entering the website is automatically authenticated if can be detected he already has a valid SSO session.

This method is preferred over the ‘SAML passive authentication’. When using the SSO query, SAML passive authentication is not needed.