NCT Simple Signon - Integration without Aggravation
NCT Simple Signon is a vendor neutral tool which lets you tie IBM Lotus Domino™ based sites to corporate intranets, applications outsourced to vendors, channel partner networks, and third party applications by providing a seamless mechanism for accepting user credentials without requiring yet another login.
Pass users to your Domino site without a login prompt
|Do you already have another secure site? Keep using it. Authenticate users as you already do on that site, then with a simple URL link, pass them to Domino and automatically log them in. Our customers are passing users to Domino using NCT Simple Signon from Oracle, Siebel, PeopleSoft, and custom applications created in Java, Perl, Python, and many others.|
Automatically log-in returning users
|Do you want to remember users who have been to your site before? With NCT Simple Signon you can store their credentials in a permenant cookie on their browser, and log them in automatically when they return days, weeks, or months later. You decide when and how long.|
Use another database for user names and passwords
|Does your firm have a database or web service for authenticating users across many systems? NCT Simple Signon lets you use nearly any data source for credentials.|
Easily pass users between servers with different software, hardware, and operating systems -- even on different networks.
NCT Simple Signon provides a simple way to define individual shared access relationships on a one to one basis with a variety of different remote sites. Better still, it lets you get there quickly by providing a complete vendor neutral built in Authentication Schema which is fully documented and ready to share with the administrators at remote sites.
On the other hand, perhaps someone else has already defined a method for passing user data to you and you need to accept that data and log them in. NCT Simple Signon provides a simple function to do just that.
NCT Simple Signon does not force your vendors, partners, or other corporate sites to agree on a single universal sign on solution, and unlike traditional “Single Sign On” tools, NCT Simple Signon does not require you to relinquish all control of your server to some central authentication point – though you can if you like. NCT Simple Signon doesn’t even require that it is the only method for authentication on your server, or that you use it in only one way.
How is NCT Simple Signon Different?
There is no shortage of tools on the market designed to provide so-called “Universal Login” or “Single Sign-On”. What nearly all of these tools assume however, is that a single defined platform, directory, and definition can be universally adopted across all the parts of the system to provide seamless integration. NCT Simple Signon makes no such assumptions.
Suppose your secure partner channel website has an established directory and password system with a highly granular level of access controls. Now suppose you want to provide additional features for some or all of those partners, but those features are to be provided by a third party vendor with whom you have contracted. You may not be the only customer of this vendor, they may not be your only vendor, or they may have an offering incompatible with your naming of security choice.
NCT Simple Signon provides a simple way to define individual shared access relationships on a one to one basis with these kinds of outside managed sites.
What? No central directory?
That’s right. NCT Simple Signon does not require you to share a directory with all the sites you do business with. By supporting defined name translation, we allow each site participating in a shared authentication schema to maintain its own directories as they best suit the purpose of that site. Nothing prevents you from sharing directory or group information from site to site, we simply do not require it.
Why doesn't NCT Simple Signon use a DSAPI filter?
DSAPI is the defined method for making authentication and access changes to the default way Lotus Domino authenticates users. The problem with using DSAPI is that it is in use and in-line as part of every single http transaction that occurs on your server. As a result, even the slightest problem with the way a DSAPI filter is designed or implemented can very quickly produce a cumulative impact sufficient to cause major problems for your server. At Northern Collaborative Technologies, we have simply chosen a less problematic approach for NCT Simple Signon.
Unlike a DSAPI filter, NCT Simple Signon makes only a very limited number of calls to the Lotus Domino CAPI. Those calls are made only when specifically needed to authenticate a user, and only once per session for that user. The result is thousands or even tens of thousands of fewer calls to the API, and a drastically reduced likelihood of problems.