Single Sign On
Jump to navigation
Jump to search
Mozilla has over 100 web properties. A reoccurring idea in the Mozilla community is to implement Single Sign-On (SSO).
This has been discussed many times off and on over the last few years. The Webdev team is leading a Web based SSO solution, which will be rolled out onto MDN.
Please use the Discussion tab to work through contentious points.
Technical Details
- The Secret Squirrel Project is a CAS 2.0 based SSO server
- New User Credentials (not bootstrapped from AMO, Firefox Sync, or any other source)
- MDN is the first target app
- Good choice as it currently has three codebases Dekiwiki, phpbb, and Django
FAQ
- Q: Will SSO be a profile server?
- A: No, not in v1.0, probably never
Reasoning: The SSO webapp will have a user page where you can see what apps you've integrated sign-on for. Client webapps still need to define and build out their profile pages. Some user metadata can be gleaned from the SSO server, but updating, storing extra metadata, etc is TBD and probably belongs in a different web service.
- Q: Will SSO handle authorization
- A: No, SSO is for authentication, each client application will implement Authorization