Jeremy Smith's blog

Entry Is Labelled

Single Sign On and the Chicken and Egg Problem

There's an interesting problem when deploying a Single Sign On framework. (For some background on what a "Single Sign On framework" is, read What Single Sign On is and is not.) Deploying a SSO framework and protecting certain web resources with it means you will end up changing the "user experience." When a user goes to visit a site, they will be prompted with something different; and this could end up confusing a user. All of a sudden, they try to access and a site called something different demands their password. It may lead them to believe they are being hacked or such.

Basically, as a general rule, any time you are going to change or affect the user experience, you want to announce it beforehand so that it can be expected.

But, why announce an SSO framework that isn't being used yet?

I can only imagine what the newsgroups would fill up with.

"What morons! They announced that they deployed a single sign on environment that isn't used by anything... it doesn't even exist!"


Chicken and egg problem.