SP Without SSO...

Peter Schober peter.schober at univie.ac.at
Wed Sep 14 23:08:08 BST 2011

* John Mitchell <jpmitchell at alaska.edu> [2011-09-14 23:57]:
> We have a use case for an application where a user has two sets of
> credentials they want to use with the application. One being more
> privileged than the other (an admin account, and a non-admin
> account).

Since the "admin account" use-case is a rather limited one (we
probably have 10.000 times the number of students compared to admins
for a given application) I usually recommend to use a second
webbrowser -- or a second instance or "private browsing" mode of the
same webbrowser -- which will not share state with the other instance
for admin account usage.
Beats ruining the SSO experience for everyone else (or running a
second IdP) any day for me.

More information about the users mailing list