Hi!
Suppose you had two domains, Domain-A (say a banking domain) and Domain-B (say a new domain under our control)
- we probably have STS security for Domain-B as we have the freedom to choose the best interoperable security
- but, suppose we need to expose some functionality of Domain-B as service to Domain-A,
and, Domain-A users would login to their Net-Banking-Portal with an SSO (with uid/pw+secure-id number), and want to access the service of Domain-B
- WHAT'S THE BEST STRATEGY for securing the service in Domain-B while still allowing Domain-A users continue using their existing security ?
- Suppose Domain-A used OPEN-SSO (or some other SAML/Feedrated/Liberty) and Domain-B used Geneva Framework based STS
This is usually a real-world case, where we're exited to see geneva kind of security framework, but are challenged by existing security systems to interop.
Regards
Satish
Bangalore. India.
Suppose you had two domains, Domain-A (say a banking domain) and Domain-B (say a new domain under our control)
- we probably have STS security for Domain-B as we have the freedom to choose the best interoperable security
- but, suppose we need to expose some functionality of Domain-B as service to Domain-A,
and, Domain-A users would login to their Net-Banking-Portal with an SSO (with uid/pw+secure-id number), and want to access the service of Domain-B
- WHAT'S THE BEST STRATEGY for securing the service in Domain-B while still allowing Domain-A users continue using their existing security ?
- Suppose Domain-A used OPEN-SSO (or some other SAML/Feedrated/Liberty) and Domain-B used Geneva Framework based STS
This is usually a real-world case, where we're exited to see geneva kind of security framework, but are challenged by existing security systems to interop.
Regards
Satish
Bangalore. India.
