Single Sign On Service | SSO | What is Single Sign On?
Single Sign On (SSO) is an authentication process that allows a user to enter name and password once and logged in into multiple applications and can access them too i.e. Single time signed in that’s why this mechanism is called Single Sign On.
Single sign-on (SSO) also known as Enterprise Single Sign On ( ESSO ), it is a mechanism provides you a way where you can use same id and password to access multiple applications and switching between them without being faced or prompted Login again and again.
SSO reduces the need to enter passwords multiple time, so SSO also known as RSO ( Reduced Sign On).
In SSO, the process of authentication that reduces multiple prompts of Login, is Applicable to a particular session, if time of session get overed, user has to signed in.
Every time, Single Sign On have to check user request that generates traffic between between the browser, application and security server which affects on the performance but nowadays Single Sign On mechanism use LDAP i.e. Lightweight Directory Access Protocol to store the policies of authentication and authorization and gives high performance.
If Single sign on is not designed and implemented properly, it can lead to a condition where if SSO system goes down, no user can access any application protected by SSO system.
Different application may be using different authentication mechanisms , Single Sign On translates and stores different credentials and all that is compared for initial authentication.
SSO is a subset of federated identity management, Single sign on also take places in enterprises using federated authentication.Say For example, if any employee of business partner has successfully logged into his system but when clicks on a link of your system, his SSO will give you a security assertion token using SAML (Security Assertion Markup Language), OAuth or OpenID or WS Federation. Then your SSO will receive this token and verifies it and allows him to access your system without any login.
Google provides Single Sign-On service which is based on SAML and allows access to Gmail, Google+, GTalk or Google Calendar etc. Thats why by sign on in Gmail , you are automatically signed on to Google+ and other applications.