IT:AD:Patterns:Single Sign On Strategy
Summary
It's simple: as a general application developer, you can be sure that you know far less about security than a hacker who spends their whole day with this subject matter as their only concern.
Never ever ever ever keep your users' authentication information (username/pwd/contactinfo/challenge) in your application.
Apply Separation of Concerns and use a Single Sign On service: you concentrate on your app, and let the SSO provider concentrate on protecting their database…