NCT Simple Signon - Integration without Aggravation

NCT Simple Signon is a vendor neutral tool which lets you tie IBM Lotus Domino™ based sites to corporate intranets, applications outsourced to vendors, channel partner networks, and third party applications by providing a seamless mechanism for accepting user credentials without requiring yet another login.

NCT Single Signon is not just a tool; it’s a ready built solution. Northern Collaborative Technologies has included with NCT Simple Signon a complete Authentication Schema which makes use of a widely available cross-platform industry standard encryption algorithm. The Authentication Schema provided with NCT Simple Signon is designed to be easily shared with your vendors and remote site partners to allow rapid integration without compromising security unnecessarily.

Key features of the built in Authentication Schema
  • Uses the Blowfish encryption algorithm which is readily available as source or in pre-packaged libraries for nearly all development platforms at little or no cost.
  • Includes documentation sufficient for remote site integration – you do not have to write and support your own.
  • Includes built in support for user-name translation, both inbound and outbound, for users with different names on different systems.
  • Includes built in support for limiting specifically which users can use the schema on a per-site basis – preventing users from spoofing an administration login.
  • Includes a pre-built test form you can use to allow remote site vendors to validate their use of the Blowfish encryption algorithms and compare them with yours for compatibility
  • Includes a pre-built test packet generating tool, allowing you to create sample authentication packets for vendors and remote site operators to utilize as they prepare their side of the integration.
  • Includes techniques to prevent the re-use of packets by users either through bookmarks, saved text, or forwarded links.
  • Includes built in support for storing an encryption key for each remote site without exposing that key in a configuration document or source code.