The new (and improved!) CERN Single-Sign-On
European Organization for Nuclear Research (CERN)
* e-mail: email@example.com
** e-mail: firstname.lastname@example.org
Published online: 23 August 2021
The new CERN Single-Sign-On (SSO), built around an open source stack, has been in production for over a year and many CERN users are already familiar with its approach to authentication, either as a developer or as an end user. What is visible upon logging in, however, is only the tip of the iceberg. Behind the scenes there has been a significant amount of work taking place to migrate accounts management and to decouple Kerberos  authentication from legacy Microsoft components. Along the way the team has been engaging with the community through multiple fora, to make sure that a solution is provided that not only replaces functionality but also improves the user experience for all CERN members. This paper will summarise key evolutions and clarify what is to come in the future.
© The Authors, published by EDP Sciences, 2021
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.