Web Single Sign-On

As your organization expands its use of web applications, both commercial off-the-shelf (COTS) and home-grown, a common issue quickly arises – the management of multiple independent login credentials. Chances are, your users already have 5, 10,15, or more different sets of user IDs and passwords. Keeping track of these credentials can lead to a number of difficulties including:

  • Lost Productivity
    • Users must maintain independent credentials, thereby wasting time redundantly logging-in to systems numerous times throughout the day. These seemingly minor slices of lost time, multiplied over many systems, across many users, and over many days, quickly add up to real costs.
  • Help Desk Expenses and Lost Productivity
    • More than 80% of help desk calls are related to forgotten passwords. Multiple systems with unique passwords mean more opportunity for users to forget. Not only are help desk calls costly, but the resulting lost productivity due to inaccessibility of applications can cripple your business.
  • User Satisfaction Issues
    • A large number of disparate user credentials, and the resulting headache of managing multiple identities, can cause employee satisfaction issues.
  • Difficult Audit Trails
    • Because users have multiple disparate user IDs across various IT systems, “connecting the dots” during an audit exercise can be complex and time-consuming.

Lighthouse Gateway makes web Single Sign-On a reality. All of your web-enabled applications, including portals, Microsoft SharePoint, SAP, J2EE and .NET applications can be accessed via the Gateway without requiring repeat log-ins.

Gateway supports multiple authentication mechanisms, including:

  • User ID and Password
  • X.509 Certificates and Smartcards
  • Two-Factor Hardware Tokens (including RSA SecurID and Vasco)
  • Integrated Windows Authentication (IWA, NTLM, SPNEGO)
  • Federated Assertions (SAML, WS-Federation, OpenID, Liberty ID-FF)

The Gateway acts as a transparent authentication mechanism, allowing users to login once for seamless access to any web application in your environment. Using its support for Integrated Windows Authentication, you can choose to leverage your users’ authentication to their network domain for Enterprise Single Sign-On (ESSO). In this case, users can login to their Windows workstation, open a web browser, and seamlessly access all web applications without ever providing another set of credentials.

Because Lighthouse Gateway’s Single Sign-On capabilities are built upon more than a decade of matured IBM software, you can be assured that its extensive flexibility, feature richness, and stability will make it the perfect fit for consolidating your user credentials.

The features don’t stop there, however. When you leverage Lighthouse Gateway to provide web Single Sign-On, the SSO capability is only one component of the powerful capabilities you’ll have at your disposal for managing your web applications. Learn about Lighthouse Gateway’s powerful Web Access Management (WAM) features that allow you to centrally manage access control policies for your web applications.