Single Sign-On is important – it increases security and convenience, provide centralized user access control, and it gives me one less password to remember!
One approach to implementing an SSO solution is to use a federated authentication system such as SAML. There are a couple of moving parts in any SAML implementation:
- You – the user – the subject of the security assertion
- The service provider – in our case your Force.com org and application
- An identity provider – an authority system that provides user information
The Force.com platform supports SAML 2 as an SSO implementation, and Developer Force has just published an article Single Sign-On with SAML on Force.com that shows how to implement an SSO implementation using Force.com as the service provider, and OpenSSO on Glassfish as the identity provider.