The key to the front-door: SSO
Single Sign On (SSO) is one of the holy grails of IT. Bottom line - it means that users have to log on only once and get access to all applications to which they are authorized. They only need to log on once for all applications: the logon is shared.
The best comparison is that with a house: when you open the front-door (the SSO logon), you get access to all rooms (the applications).
SSO revolves around two concepts: Authentication & authorization (the second is application specific, the first one is shared).
Authentication answers the question “who is this?“ What is the user’s identity? It’s about a single definition of the user: “there is only one Shirley Jones”. Authentication determines one single “point of truth”, which is checked by what is called an “identity provider”.
Authorization answers a different question: “what is this person allowed to do?” To which services do the user have access and what is she / he allowed to do within each service (application)? This is checked by what is called a “service provider”.
Our SSO solution serves two goals.
1. SSO between our applications (so within our product portfolio) via the Argus login platform – we are moving towards a single logon page (shown in the first four screenshots at the right – the background image is customizable and user-specific)
2. SSO with External Identity Providers – this is typically done via ADFS / LDAP servers (as shown by the last two screenshots at the right), but we also have implementations where the logon to V-smart is “inherited” from the Windows logon. All such, linkage will move to the Argus platform, making SSO not only available for V-smart, but for all products from the portfolio. (An easy example: you log on to the student administration of the university and automatically you are logged on to V-smart: no need to re-enter credentials.)
- Library and Information Systems