Cross Browser SSO?
hstrack at ssystems.de
Wed May 8 11:31:02 EDT 2019
we thinking about a login system where a user logs into a dedicated
application using an embedded browser engine via Shibboleth (e.g. Web
based SSO, no ECP). When the user is authenticated that way he we will
be able to open another browser (e.g. firefox or chrome) and should be
SSO'd into an service provider.
The obvious way to realize this seems to inject the cookie from the
embedded browser somehow into firefox or chrome, but this has somehow
the taste of identity theft.
Has anyone ever tried to accomplish such a workflow? In short: is there
a decent way to achieve a SSO between two browsers or a rich client
application and a browser?
Tel: +49 30 2023 6071 - 1
More information about the users