Re: Authentication solution

[Hellkyng () gmail com]

Thanks for the responses so far, definitely some valuable information. Based on that I'd like to make the problem a bit 
more complicated.

One of the challenges of implementing an SSO solution is that we use varied authentication methods. They require access 
to applications or portions of applications.

So, any thoughts on how to implement a secure SSO solution when you have two seperate authentication methods in use?

Also once you've authenticated to an app. there is a need to also access portions of other applications within the main 
app. Anyone played around with authenticating an application, within an application with sso? 

Doesn't seem like there are any security best practices for this kind of issue, although I'm sure alot of companies are 
dealing with this type of fun. Thanks for the responses so far!
Mike

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------