Lesson 8. Providing Single Sign-on Authentication
This lesson focuses on Mac OS X Server's single sign-on (SSO) architecture with an eye toward authenticationthe process of proving you are who you say you are. Specifically, it looks at authentication as provided by MIT's Kerberos distribution and the Simple Authentication and Security Layer (SASL). These complex open-source components are simplified with Apple's configuration tools. Without harming their standards-compliant nature, these disparate systems are integrated into a smoothly functioning whole that's equally comfortable at the center of directory services and as a platform-specific component of a larger system. The SSO architecture is made up of three open-source components:
Open Directory offers these identification and authentication services to both Mac OS X and other heterogeneous clients. Building on the previous lesson dealing with Lightweight Directory Access Protocol (LDAP), this lesson focuses on Kerberos and Password Server. |