Quoting Marty <martiat_private>:

> We have a big discussion going on at one of my clients as we are about
> to add an Internet portal to several applications. We are looking at
> implementing a single sign-on (SSO) solution for our web applications.

Good idea.

> 1- Should we buy an already made up single sign-on solution or build one
> in house?

Or use an existing opensource solution.

> We've met with the people from Tivoli and Computer Associates already.
> Other suggestions?

Nope. Lots out there.

> 2- What if we go for a temporary in-house solution for next year and get
> stuck with it as the portal and the number of applications starts
> growing?

Then you need to make sure the in-house solution you pick, even if only meant to be temporary, is flexible and extensible.

> My concern here is the potential of risk being blamed by the auditors
> about an in-house development vs a well known product.

I wouldn't worry about that. Either can be secure/insecure, cheap/expensive, easy/hard to maintain, etc. No clear advantage either way without knowing your exact setup (manpower available, skill level, etc).

> The number of users of the portal will grow in the tens of thousands by
> the end of next year. Robustness of the solution should also be a main
> factor.

Yes, but that doesn't affect the choice of in-house/opensource/commercial.

> The security of the project is taken care of by firewall, access list,
> DMZ etc.

Well, I'd sure not depend on only that. Build security into everything, including the single-signon. Security through depth.

> The number of different applications is already up to ten and the portal
> is not even built yet. The deployment of the applications (all web
> based) should start as early as March 2003.

Normal.

> Pre-requisites : We have to work with the fact that the environment is
> IBM WebSphere servers and the fact that we are already using LDAP for
> authentication on some applications. No comments on that part please, we
> have to live with it...

Look at commercial apps and opensource apps (like Horde at www.horde.org) and see if anything meets your needs. If not, then go in-house.

> Thanks!
>
> Marty

--
Eric Rostetter
The Department of Physics
The University of Texas at Austin

Why get even? Get odd!
This archive was generated by hypermail 2b30 : Mon Dec 09 2002 - 14:07:08 PST