Kerberos / Host Integration Server for ASP.net IIS, JAVA Linux, PHP Apache
My dept has been tasked to provide a SSO architecture for our
We have read in a couple of posting that Kerberos protocol is the
answer to this,
but very few pointers or tips on how to go about this. What about Host
Integration Server from
Microsoft can we use this?
We are using Active Directory on Windows 2003 to store all user
information, and all the users
who will be accessing our web sites will be provided with a valid
domain user name and password.
The challenge here is that different departments have different web
applications and all these
applications need to provide a seamless flow.
following are the different web applications we have:
1. asp.net on IIS (Windows 2003)
2. PHP on Apache (Windows 2003)
3. Jave on Linux. (Linux)
now I have each one of these web applications on different physical
machines, I have link to each of these in all the
applications, we have also enabled Windows Authentication.
when user one logs for the first time (ex: asp.net on IIS) he / she is
prompted for his user credentials he / she enters
the same and then clicks on the link which will navigate him to second
application (PHP on Apache) / (Java on Linux) he is
prompted to enter his credentials again?
Is Kerberos the right solution for this?
has anybody implemented this or are there any pointers on the internet
where I can find stuff, we have just been given 2 weeks
to get this solution.