A Thousand Things You Always Wanted to Know About SSO but Never Dared Ask

Session abstract

How many times have you been in a meeting with a salesperson and started to sweat when you heard, “Yes, the system will be fully integrated with your SSO”? How many times have you searched on the internet forSSOand closed your browser after the second click? SAML, OAUth, ws-fed…which of these is the right protocol? Shibboleth, OpenAM, ADFS2, Keycloak…do I need all of them? Do I need them at all? Which is the right solution for my application? How can I protect my APIs? This session covers the most-popular SSO scenarios and will guide you along the sometimes obscure path to the “log in once and access everything” Grail.


Name Title Company
Luis Rodriguez Fernandez Software Engineer Cern

Session Info

Session type Track
Developer Session Developer Community

My Notes

Long introduction…

  • don’t write your own sso! (Unless you have good reasons 😜)

He talks a lot to the screen and not to us. That’s a shame.

His way of presenting makes me loose the thread and I am not able to join again and I finish in a deadlocked state 😜

The scope of what he tells is interesting but…