Main claim |
1. A computer-implemented method of utilizing an authentication scheme for a single sign-on between disparate servers, comprising:
receiving, by a first server, a request for data stored on a second server;
retrieving, by the first server, a root certificate for accessing the second server via a single sign-on operation;
dynamically generating, by the first server, a user certificate for identifying a currently logged-in user on the first server;
signing, by the first server, the user certificate with the root certificate;
sending, by the first server, the user certificate to the second server for binding with the request for data;
sending, by the first server, the request for data to the second server for authentication using the user certificate, the authentication comprising accessing a mapping table for mapping a subject name in the user certificate to a user of the second server;
enabling, by the first server, the single sign-on with the second server, upon an entry being found in the mapping table for the currently logged-in user, the found entry enabling data operations to occur between the currently logged-in user and the second server; and
receiving, by the first server, an open web protocol response containing the requested data from the second server. |