| Configuring the Genero Application Server | |
Single sign-on allows a user to enter one name and password in order to access multiple applications. Genero Application Server supports three kinds of single sign-on.
Kerberos authentication provides a single sign-on from the user logging in on the desktop to the database connection using impersonation. It is used to run the DVM with the logged user identity. To use, you need a Kerberos infrastructure and a strong knowledge of Kerberos.
Kerberos is intended for the Genero Web Client and Genero Desktop Client applications only. It is not intended for Genero Web Services.
OpenId is used for standard Web applications that handle many users. OpenId is intended for public Web applications. A user has the same identifier that he can use on different web sites. Information maintained on the identity of the user is limited.
SAML is used for standard Web applications that handle many users. SAML is intended for private or intranet Web applications. You have to be referenced on one of the trusted identity providers. You can exchange custom information (attributes) on the identity.