[Owasp-leaders] I need some advice on Windows-based SSO
thomas.herzog at owasp.org
Fri Mar 16 16:46:06 UTC 2018
basically we require from all Windows-based applications the use of
Kerberos or ADFS. However, it sometimes occurs that application implement
SSO via Windows-properties like
"System.Windows.Forms.SystemInformation.UserName". Our Windows people
instist that this approach is safe to use. It would be great to here some
independent opinion on this topic. Are there possibilities to compromise
I would be happy for any comment on this.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders