{"id":36907,"date":"2007-10-29T08:00:00","date_gmt":"2007-10-29T07:00:00","guid":{"rendered":"https:\/\/mancomun.gal\/alternativas-libres-para-ter-un-sistema-single-sign-on\/"},"modified":"2023-05-09T23:48:08","modified_gmt":"2023-05-09T21:48:08","slug":"alternativas-libres-para-ter-un-sistema-single-sign-on","status":"publish","type":"post","link":"https:\/\/mancomun.gal\/es\/alternativas-libres-para-ter-un-sistema-single-sign-on\/","title":{"rendered":"Alternativas libres para ter un sistema Single sign-on"},"content":{"rendered":"<div align=\"justify\"><a href=\"http:\/\/www.opengroup.org\/security\/sso\/\" target=\"_blank\" title=\"http:\/\/www.opengroup.org\/security\/sso\/\" rel=\"noopener\">Single sign-on<\/a>  (SSO) \u00e9 un procedemento de autenticaci\u00f3n que habilita ao usuario para acceder a varios sistemas cunha soa identificaci\u00f3n. Existen aplicaci\u00f3ns propietarias que implementan este sistema, a\u00ednda que tam\u00e9n hai soluci\u00f3ns baseadas en Software Libre que non son tan co\u00f1ecidas. A continuaci\u00f3n rec\u00f3llense algunhas: <\/div>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\">\n<ul>\n<li><a href=\"http:\/\/esoeproject.org\/\" target=\"_blank\" title=\"http:\/\/esoeproject.org\/\" rel=\"noopener\">esoe<\/a>  (Enterprise Sign On Engine), \u00e9 un sistema que se integra con servidores de directorio (LDAP,  Active Directory de windows) para ter SSO con outras <a href=\"http:\/\/esoeproject.org\/confluence\/display\/eu\/ESOE+Features\" target=\"_blank\" title=\"http:\/\/esoeproject.org\/confluence\/display\/eu\/ESOE+Features\" rel=\"noopener\">caracter\u00edsticas<\/a>.\n<div style=\"text-align: center\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/mancomun.gal\/wp-content\/uploads\/2022\/09\/esoe-logo.png\" alt=\"http:\/\/www.mancomun.org\/images\/stories\/esoe-logo.png\" title=\"http:\/\/www.mancomun.org\/images\/stories\/esoe-logo.png\" width=\"309\" height=\"250\" \/><\/div>\n<\/li>\n<\/ul>\n<\/div>\n<p><\/p>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\"><\/p>\n<ul>\n<li><a href=\"http:\/\/www.josso.org\/confluence\/display\/JOSSO1\/JOSSO+-+Java+Open+Single+Sign-On+Project+Home\" target=\"_blank\" title=\"http:\/\/www.josso.org\/confluence\/display\/JOSSO1\/JOSSO+-+Java+Open+Single+Sign-On+Project+Home\" rel=\"noopener\">Java Open Single Sign-On<\/a>, \u00e9 unha soluci\u00f3n j2ee para ter unha infraestrutura SSO. Traballa baixo un tomcat e conta con API para clientes PHP, ASP, &#8230;\n<\/li>\n<li><a href=\"https:\/\/opensso.dev.java.net\" target=\"_blank\" title=\"https:\/\/opensso.dev.java.net\/\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.mancomun.gal\/uploads\/pics\/stories\/opensso.jpg\" border=\"0\" alt=\"http:\/\/www.mancomun.org\/images\/stories\/opensso.jpg\" title=\"http:\/\/www.mancomun.org\/images\/stories\/opensso.jpg\" hspace=\"10\" vspace=\"0\" width=\"179\" height=\"68\" align=\"right\" \/>OpenSSO<\/a>, \u00e9 para ter SSO nas aplicaci\u00f3ns web aloxadas en servidores web e servidores de aplicaci\u00f3ns (tomcat).\n<p> <\/li>\n<li><a href=\"http:\/\/software.inl.fr\/trac\/trac.cgi\/wiki\/EdenWall\/squid_nufw_helper\" target=\"_blank\" title=\"http:\/\/software.inl.fr\/trac\/trac.cgi\/wiki\/EdenWall\/squid_nufw_helper\" rel=\"noopener\">NuFW SSO module for Squid<\/a>, \u00e9 un sistema de autenticaci\u00f3n SSO dentro dun m\u00f3dulo para Squid e que traballa con <a href=\"http:\/\/www.nufw.org\/-English-.html\" target=\"_blank\" title=\"http:\/\/www.nufw.org\/-English-.html\" rel=\"noopener\">cortalumes NuFW<\/a>. Permite a autenticaci\u00f3n transparente dos usuarios dun proxy Squid.\n<div style=\"text-align: center\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.mancomun.gal\/uploads\/pics\/stories\/nufw-logo.png\" border=\"0\" alt=\"http:\/\/www.mancomun.org\/images\/stories\/nufw-logo.png\" title=\"http:\/\/www.mancomun.org\/images\/stories\/nufw-logo.png\" hspace=\"5\" vspace=\"5\" width=\"240\" height=\"232\" \/><\/div>\n<p><\/li>\n<\/ul>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\"> <\/div>\n<p style=\"margin-bottom: 0cm\" align=\"justify\">\u00a0<\/p>\n<p style=\"margin-bottom: 0cm\" align=\"justify\">Estes sistemas engl\u00f3banse dentro de cinco tipos principais de <a href=\"http:\/\/en.wikipedia.org\/wiki\/Single_sign-on\" target=\"_blank\" title=\"http:\/\/en.wikipedia.org\/wiki\/Single_sign-on\" rel=\"noopener\">SSO<\/a>, tam\u00e9n chamados \u00abreduced sign on systems\u00bb (en ingl\u00e9s, sistemas de autenticaci\u00f3n reducida):<\/p>\n<ol>\n<li>\n<p style=\"margin-bottom: 0cm\"><strong>Enterprise single sign-on<\/strong> (E-SSO), tam\u00e9n chamado \u00ablegacy single sign-on\u00bb, funciona logo dunha autenticaci\u00f3n primaria, interceptando os requirimentos de login presentados polas aplicaci\u00f3ns secundarias para completar os mesmos co usuario e o contrasinal. Os sistemas E-SSO poden traballar con sistemas que deshabilitan a presentaci\u00f3n da pantalla de login.<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm\"><strong>Web single sign-on<\/strong> (Web-SSO), tam\u00e9n chamado Web access management (Web-AM) traballa s\u00f3 con aplicaci\u00f3ns e recursos accedidos v\u00eda web. Os accesos son interceptados coa axuda dun servidor proxy ou dun compo\u00f1ente instalado no servidor web destino. Os usuarios non autenticados que tratan de acceder son redirixidos a un servidor de autenticaci\u00f3n e regresan s\u00f3 despois de ter un login con \u00e9xito. <\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm\"><strong>Kerberos<\/strong> \u00e9 un m\u00e9todo popular de externalizar a autenticaci\u00f3n dos usuarios. Os usuarios rex\u00edstranse no servidor Kerberos e reciben un \u00abticket\u00bb, logo as aplicaci\u00f3ns-cliente pres\u00e9ntano para obter acceso.<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm\"><strong>Federation<\/strong> \u00e9 unha nova maneira de concibir este tema, orientado a aplicaci\u00f3ns Web. Utiliza protocolos baseados en est\u00e1ndares para habilitar que as aplicaci\u00f3ns poidan identificar os clientes sen necesidade de autenticaci\u00f3n redundante.<\/p>\n<\/li>\n<li>\n<p style=\"margin-bottom: 0cm\"><strong>OpenID<\/strong> \u00e9 un proceso de SSO distribu\u00eddo e descentralizado onde a identidade vai unida a un url que calquera aplicaci\u00f3n ou servidor pode autenticar.<\/p>\n<\/li>\n<\/ol>\n<p> <\/div>\n<div align=\"justify\"> <\/div>\n<p style=\"margin-bottom: 0cm\" align=\"justify\">Informaci\u00f3n da especificaci\u00f3n SSO:<\/p>\n<blockquote>\n<p style=\"margin-bottom: 0cm\" align=\"justify\">\u00a0<a href=\"http:\/\/www.opengroup.org\/security\/sso\" target=\"_blank\" title=\"http:\/\/www.opengroup.org\/security\/sso\/\" rel=\"noopener\">http:\/\/www.opengroup.org\/security\/sso\/<\/a> <\/p>\n<\/blockquote>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\"> <\/div>\n<p style=\"margin-bottom: 0cm\" align=\"justify\">\n<p>Fonte: <a href=\"http:\/\/es.wikipedia.org\/wiki\/Single_sign_on\" target=\"_blank\" title=\"http:\/\/es.wikipedia.org\/wiki\/Single_sign_on\" rel=\"noopener\">Wikipedia<\/a>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<div align=\"justify\"><a href=\"http:\/\/www.opengroup.org\/security\/sso\/\" target=\"_blank\" title=\"http:\/\/www.opengroup.org\/security\/sso\/\" rel=\"noopener\">Single sign-on<\/a>  (SSO) \u00e9 un procedemento de autenticaci\u00f3n que habilita ao usuario para acceder a varios sistemas cunha soa identificaci\u00f3n. Existen aplicaci\u00f3ns propietarias que implementan este sistema, a\u00ednda que tam\u00e9n hai soluci\u00f3ns baseadas en Software Libre que non son tan co\u00f1ecidas. A continuaci\u00f3n rec\u00f3llense algunhas: <\/div>\n<div align=\"justify\"> <\/div>\n<div align=\"justify\">\n<ul>\n<li><a href=\"http:\/\/esoeproject.org\/\" target=\"_blank\" title=\"http:\/\/esoeproject.org\/\" rel=\"noopener\">esoe<\/a>  (Enterprise Sign On Engine), \u00e9 un sistema que se integra con servidores de directorio (LDAP,  Active Directory de windows) para ter SSO con outras <a href=\"http:\/\/esoeproject.org\/confluence\/display\/eu\/ESOE+Features\" target=\"_blank\" title=\"http:\/\/esoeproject.org\/confluence\/display\/eu\/ESOE+Features\" rel=\"noopener\">caracter\u00edsticas<\/a>.\n<div style=\"text-align: center\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.mancomun.gal\/wp-content\/uploads\/uploads\/pics\/stories\/esoe-logo.png\" alt=\"http:\/\/www.mancomun.org\/images\/stories\/esoe-logo.png\" title=\"http:\/\/www.mancomun.org\/images\/stories\/esoe-logo.png\" width=\"309\" height=\"250\" \/><\/div>\n<\/li>\n<\/ul>\n<\/div>\n","protected":false},"author":5,"featured_media":3010,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-36907","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/posts\/36907","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/comments?post=36907"}],"version-history":[{"count":1,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/posts\/36907\/revisions"}],"predecessor-version":[{"id":36908,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/posts\/36907\/revisions\/36908"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/media\/3010"}],"wp:attachment":[{"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/media?parent=36907"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/categories?post=36907"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mancomun.gal\/es\/wp-json\/wp\/v2\/tags?post=36907"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}