A single sign-on framework for web-services-based distributed applications

Abstract

The basic specifications of Web services com- pletely ignore the need for secure services that are based on a solid authentication and authorization infrastructure. An enhancement of the basic specifications is in progress, but takes time to complete. A large-scale application built today is still in need of an authentication and authorization infrastructure to offer its services to the customers of the service provider and only to the customers. In the following such an infrastructure is described that is able to empower Web services to properly handle authentication and authorization. This infrastructure is designed as services that can be used by any Web service needing authentication and authorization.