PistolStar Enables Lotus Domino Single Sign-On via Kerberos
Market Wire, August, 2007
PistolStar, Inc., an authority in password management integrating Microsoft Active Directory, today introduces the Password Power Plug-In for Lotus Domino Single Sign-On via Kerberos, the latest addition to PistolStar's framework of plug-ins for optimizing authentication to multiple enterprise applications.
The Plug-In for Lotus Domino Single Sign-On via Kerberos allows users connecting to Domino to achieve single sign-on (SSO) to all Domino HTTP servers using the Kerberos network authentication protocol to Active Directory, which uses secret-key cryptography. Administrators remove the need to manage separate passwords for their Domino HTTP servers and enhance overall password security. No passwords are sent over the network and the end-user and server are mutually authenticated, preventing server attacks and malicious programs that try to impersonate the server to get the user's private information.
Related Results
"Employees in companies using IBM Lotus applications typically have numerous password prompts, including those for accessing Microsoft Windows and Domino HTTP sessions such as Lotus Domino Web Access, Sametime, QuickPlace, and Domino Web applications," states Gregg Browinski, chief technology officer, PistolStar Inc. "The Plug-In for Lotus Domino Single Sign-On via Kerberos provides a secure way to authenticate one time and then access additional applications or Websites without further prompting for a username and password. Administrators no longer need to perform several separate password resets when users forget their passwords or to synchronize numerous sets of password quality rules."
Kerberos authentication is one of three options PistolStar's Password Power offers for achieving SSO to Domino HTTP, the other options including proprietary SSO tokens (Domino SSO Plug-In) and via login to a portal such as Microsoft SharePoint (the Portal Plug-In).
Originally developed at and used by the Massachusetts Institute of Technology (MIT), Kerberos has become the foundation for authentication in Windows operating systems since Microsoft implemented it as the default authentication mechanism in Windows 2000. Kerberos requires connectivity to a central Key Distribution Center (KDC), which, in Windows, is any Microsoft Active Directory domain controller.
Users of the Domino SSO/Kerberos Plug-In authenticate to the KDC (Active Directory), requesting encrypted service tickets for the specific service they wish to use (e.g. Web servers). Only the service and the KDC can decrypt the service ticket to get the user's authentication information. The service trusts the credentials in the service ticket because it knows the ticket could only be created by the KDC and thus recognizes the end-user must have been authenticated by the KDC in order to receive the ticket.
Kerberos authentication enables end-users on Windows 2000, XP and Vista to just logon to a Windows domain at the start of their workday, as it provides further integration with Windows and Active Directory. Therefore, when the end-user wants to access a server for which they use Kerberos authentication, their browser retrieves the service ticket from the KDC and sends it to the server automatically.
For more information on the Kerberos authentication protocol, go to http://web.mit.edu/Kerberos/#what_is .
System Requirements
Included in Password Power 8, the Plug-In for Lotus Domino Single Sign-On via Kerberos supports Microsoft Windows Vista, XP, and 2000 client machines, Windows 2000 and 2003 Active Directory as KDC (MIT KDC not supported), and Lotus Domino R5/6/7/8/ on Windows. Internet Explorer and Mozilla Firefox have built-in support for Kerberos authentication to Web browsers. Explorer 5.0 or higher or Firefox 1.5 or higher are required. End-users must log in using their Active Directory domain account. Machines on which Domino is running must be joined to the Active directory domain and Domino should run as a service.
About PistolStar, Inc.
PistolStar, Inc., an authority in password management and Microsoft Active Directory integration, provides solutions that meet the challenges of securing the global enterprise. PistolStar's products mitigate technology issues by creating elegant, simple, and efficient solutions to customers' complex problems.
PistolStar serves customers in a variety of industries, such as pharmaceuticals, finance/banking, energy and healthcare, focusing on Global 2000 organizations that have intricate security requirements. To learn more, visit the PistolStar website at http://www.pistolstar.com .
Add to Digg Bookmark with del.icio.us Add to Newsvine
Contact: Beth Bryant 508-786-3013 Email Contact
Most Recent Business Articles
- Multiple criteria evaluation and optimization of transportation systems
- Multi-criteria analysis procedure for sustainable mobility evaluation in urban areas
- A two-leveled multi-objective symbiotic evolutionary algorithm for the hub and spoke location problem
- Multi-criteria analysis for evaluating the impacts of intelligent speed adaptation
- The development of Taiwan arterial traffic-adaptive signal control system and its field test: a Taiwan experience
Most Recent Business Publications
Most Popular Business Articles
- 7 tips for effective listening: productive listening does not occur naturally. It requires hard work and practice - Back To Basics - effective listening is a crucial skill for internal auditors
- FAS 109: a primer for non-accountants - Financial Accounting Standards Board's "Statement 109: Accounting for Income Taxes"
- LIFO vs. FIFO: a return to the basics
- Design a commission plan that drives sales - Sales Commissions
- Too Young to Rent a Car? - 25-years-old the minimum age for car renting - Brief Article
Most Popular Business Publications
Content provided in partnership with
