PBwiki Single Sign-On 3.0

Posted byChris YehPosted inGeek, New featuresTags:

We’ve recently released the third generation of our single sign-on capability, which represents a significant increase in functionality.

Previous generations of PBwiki’s single sign-on let you authenticate people from a particular domain; in other words, if I ran an authentication server for ChrisYeh.com, I could allow other people with ChrisYeh.com identities to log into my individual PBwiki without creating their own PBwiki accounts.

However, we discovered that many of you wanted to authenticate people from more than one domain, and for more than one wiki.  This is a complicated problem, so we sent our resident genius and CTO, Nathan, off to build a solution.  He returned with Single Sign-On 3.0.

Now you can authenticate people from any domain to access any wiki that you control.

Since I am but a marketing guy, for the full details, I’ll turn you over to Nathan and Steven, one of our Support Gurus:

“Single Sign-On (AKA SSO AKA delegated authentication) allows you to build an authentication server that can use your existing user database/directory to help identify and verify users so they may have access to your company’s PBwikis. By doing this you eliminate the need for your users to register an account with PBwiki which in turn eliminates the need for them to remember another username/password.

In four steps the user can use their existing identity to log into into https://my.pbworks.com or https://wikiname.pbworks.com. Depending on the authentication server, you may also be able to set delays (wait period before logging in), access levels (reader, writer, editor, admin), and wiki access (wiki1, wiki2, wiki3 or all the wikis).

Here’s how it works:

1) Your user visits the wiki, and if not already logged in they’re redirected to your authentication server along with several URL parameters required to complete a login.

2) Your authentication server identifies the user and determines the wikis and access levels to grant.

3) Your authentication server redirects the user back PBwiki along with securely signed URL parameters which indicate to our servers who the user is and what permissions they should have on your wikis.

4) PBwiki verifies the URL parameters and signature, then creates a new user account if necessary and then grants the indicated permissions and issues an appropriate set of session cookies for the particular user.

This system, while highly secure, is quick and easy for end users and simple for an IT administrator to set up on your organization’s network. PBwiki has sample code available for a number of common programming languages and can refer independent consultants who have experience integrating customer intranets with PBwiki’s Single Sign-On features.”

For more details on SSO 3.0, you can refer to our documentation on delegated authentication.

Published by Chris Yeh

Chris has been building Internet businesses since 1995. He has been a founder, founding employee, or seed investor in almost a dozen startups, including PBworks, and advises a wide array of startups ranging from network equipment makers to vertical search engines. He liked his investment in PBworks so much, he decided to join the company. Chris earned two degrees from Stanford University and an MBA from Harvard Business School.

One thought on “PBwiki Single Sign-On 3.0

  1. You’re so cool! I do not think I’ve read a single thing like this before.
    So nice to discover somebody with a few genuine thoughts on this topic.
    Seriously.. many thanks for starting this up. This website is something that is required on the internet, someone
    with a little originality!

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: