SSO Single Sign On Fun

Interesting thing, Single Sign On (SSO), it is very tricky. The product I have been using is Novell’s Secure Login product. I have a number of issues with it and here are a couple. First the documentation is not quite adequate, what would make it much better is a relevance scoring mechanism. The next will be their “application definition” scripting language, I find it ill-conceived. It actually appears to loop through the commands even if you explicitly terminate the script. While they at least got the LDAP and password storage right, they certainly dropped the ball on managed code applications (which means your Java and Dot Net programs will not work well).

Ok, this is Jan 31, 2010. I have an update to this entry in my blog. It is not as bad as what I thought initially but it still is not a very good product. In my experience, the problem is not the automating of the login, it is actually the application definition that can be tricky for managed code. The problem is that managed code controls are actually assigned their control ID number at runtime, as opposed to unmanaged code which is assigned at compile time of the application (when someone created the software product).

The way Novell’s Secure Login software works,  from what I have found, is that it scans everything active on the screen to see if it matches any of the application definitions stored in its repository. This is an alright way of doing things but I don’t think that they are using all of the attributes of applications that they could be.

I am going to be fixing some of their documentation and put it on here for people to use in the future. It will be broken down into types of software the function pertains to as well as which portion of the script it belongs to (either the application definition or the actual login script).

I also wish to take a moment and thank Google for their support of my blog.