Hi,
Our objective is to create an external single-sign-on (SSO) module to
support login to the various applications we currently use. We are in the
process of custom developing the SSO module in-house to support these
multiple applications. This module will present a form to allow the user
to type in the user name and a password and click Submit to authenticate.
Upon successful authentication, against our ldap system, user's browser
will be redirected to your application.
What we need to understand from you is - how to best integrate with the
external authentication/authorization module we are developing currently?
What's your current default model of handling user authentication? Can
your application support an external SSO component? This support would
imply that the application can turn OFF its default authentication mode
and can rely on this external SSO module to pass back a secure token. If
you have a standard approach that we can follow, please provide the
necessary details, including any open API's your application might provide
for this purpose.
Provided you don't support a more common approach (because we need to
worry about 8 other in-scope applications working with each other based on
this common SSO layer), how flexible/quick are you upon receiving our
requirement to complete your own in-house custom development to align with
our strategy?
I'd appreciate if your initial response is handled via email and is sent
back to us no later than Friday, November 9th, and then we'll look to
schedule a follow-up call for any open questions during the week of
November 12th.
Thanks, Ed
Eduard Perelman | Contractor | Assigned to: IT Services
200 Plaza Drive, Secaucus, NJ 07094, United States of America
Office: +1 201 872 2215 | Cell: +1 917 306 8364 | eduard.perelman_at_ey.com
Website: www.ey.com
Thank you for considering the environmental impact of printing emails.
Any U.S. tax advice contained in the body of this e-mail was not intended or written to be used, and cannot be used, by the recipient for the purpose of avoiding penalties that may be imposed under the Internal Revenue Code or applicable state or local tax law provisions.
________________________________________________________________________
The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
Notice required by law: This e-mail may constitute an advertisement or solicitation under U.S. law, if its primary purpose is to advertise or promote a commercial product or service. You may choose not to receive advertising and promotional messages from Ernst & Young LLP (except for Ernst & Young Online and the ey.com website, which track e-mail preferences through a separate process) at this e-mail address by forwarding this message to no-more-mail_at_ey.com. If you do so, the sender of this message will be notified promptly. Our principal postal address is 5 Times Square, New York, NY 10036. Thank you. Ernst & Young LLP
Received on 2012-11-02 22:06:54 CET