How OpenERP works as SSO ?
What is SSO ?
Single sign-on (SSO) is a session/user authentication process that permits a user to enter single time name and password in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.
What is OpenID ?
OpenID allows you to use an existing account to sign in to multiple websites, without needing to create new password.
With OpenID, your password is only given to your identity provider, and that provider then confirms your identity to the websites you visit. Other than your provider, no website ever sees your password, so you don’t need to worry about an unscrupulous or insecure website compromising your identity.
How it works ?
We will start from creating OpenID for user from given URL:
You will find out so many providers for OpenID but we have to select any of them. For testing purpose we are going to select this :
Create your own OpenID.
Once you provide all information to create, you will get following screen.
Now check your email account which you have given at the time of creating OpenID account. You will get email from OpenID provider. Just click on provided URL in email and following screen will appear.
Now install ‘OpenID’ module into OpenERP.
After installation of this module, you can see new tab ‘OpenID’ into User form. Provide OpenID information in these fields and save it and logout.
After all these processes, we have to restart OpenERP server with following parameters.
--load=web,auth_openid
Now we will check the changes applied into our OpenERP. Just start OpenERP Webclient and find new icons on your login screen.
Click on “OpenID” icon and provide URL for login.
Now it’s going to check authentication of given URL and if user will login first time with OpenID, it will ask for login.
After signing in, it will ask user for some configuration.
Press on Continue button and OpenERP is ready to work with OpenID i.e. SSO with OpenERP
Reblogged this on Researcher's Blog.
OpenID is a centralized method of authentication where SSO is a method of authorization. That’s great that I can use my Google account to login in to OpenERP but just because I’m signed in to Google does not mean that I’m signed in to OpenERP, that’s what SSO would be (i.e; by logging in to Gmail, I can access all of Google’s other services, like Calendar or Drive without logging in to each one).
P.S. I don’t mean to come off as harsh, I just keep finding this blog while searching for OpenERP and SSO. 😉