
SSO--Single Sign On simplified

Before we go there, let's understand what is meant by authentication and authorisation.
Let's take an example. If you are watching a video on YouTube, it is available to the public and hence needs no authentication. To read your mail on Gmail, however, you need to authenticate, i.e. say who you are, and the Gmail server checks this by comparing your username and password with what it has stored. This process is called authentication. Now suppose you want to make changes to a resource: the system checks your authority to see whether you are allowed to do that. This is authorisation. For example, the uploader of a video can delete or edit the video, whereas we are authorised only to view it.

By definition:

Single sign-on (SSO) is a mechanism whereby a single action of user authentication and authorisation can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. Single sign-on reduces human error, a major component of systems failure, and is therefore highly desirable but difficult to implement.

To make it simpler: when you log into Gmail, you can access Google Calendar, Docs and the other 144+ Google services without having to register or sign up, and without having to log in with a username and password; you just go in. This is SSO, or Single Sign-On.
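
The three ideas above in one runnable sketch, added here as an illustration and not code from the original post: the password is checked once (authentication), a signed token then lets two services accept the user without a second login (SSO), and only the uploader may delete a video (authorisation). The HMAC-signed token is a simplified stand-in, not SAML or OAuth; all users, passwords, keys and function names are constructed for the example.

```python
import hashlib, hmac, os, time

# Constructed sample data: users, passwords, key and video are illustrative only.
IDP_KEY = os.urandom(32)  # assumption: one signing key shared by the login server and services

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _user(password):
    salt = os.urandom(16)
    return salt, _hash(password, salt)

USERS = {"alice": _user("correct horse"), "bob": _user("battery staple")}
VIDEOS = {"v1": {"owner": "alice"}}

def _sign(payload):
    return hmac.new(IDP_KEY, payload.encode(), hashlib.sha256).hexdigest()

def authenticate(username, password, ttl=3600):
    """Authentication: compare the supplied password with the stored salted hash."""
    salt, stored = USERS.get(username, (b"\0" * 16, b""))
    if not hmac.compare_digest(stored, _hash(password, salt)):
        return None
    payload = f"{username}|{int(time.time()) + ttl}"
    return f"{payload}|{_sign(payload)}"  # signed token, issued once per login

def verify_token(token):
    """Run by each service: trust the single login instead of asking for a password."""
    try:
        username, expiry, sig = token.rsplit("|", 2)
        ok = hmac.compare_digest(sig.encode(), _sign(f"{username}|{expiry}").encode())
        return username if ok and int(expiry) > time.time() else None
    except (ValueError, AttributeError):
        return None

def mail_service(token):
    user = verify_token(token)
    return f"inbox of {user}" if user else "401 login required"

def video_service(token, video_id, action):
    """Authorisation: anyone may view; only the uploader may delete."""
    if action == "view":
        return "200 ok"
    user = verify_token(token)
    if user is None:
        return "401 login required"
    if action == "delete" and VIDEOS[video_id]["owner"] == user:
        return "200 deleted"
    return "403 forbidden"
```

A token that has been altered or has expired is rejected by every service, so the one login is only as trustworthy as the signing key and the token lifetime.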

SSO can be achieved with SAML or OAuth; in the following articles we will see what that means.