vCenter Single Sign-On and its deployment
vSphere 5.1 introduces the vCenter Single Sign On service as a part of the vCenter Server management infrastructure, where Single Sign On simplifies the login process for the Cloud Infrastructure Suite.
vSphere Single Sign On provides a single sign-on method across management applications. It allows you to log in through the vSphere Web Client or API and perform operations across all components. It is a better architecture because a single component offers multifactor authentication, multisite support, and support for multiple directory service types.
Single Sign On supports open industry standards, such as SAML 2.0 and WS-Trust. SAML 2.0 tokens are used to authenticate a user to a different trust domain. It implements the brokered authentication architectural pattern. The main benefits of Single Sign On are:
Allows various vSphere components to communicate with each other
Communication through a token exchange mechanism
No more separate authentication required...
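In the brokered pattern described above, a component that receives a SAML 2.0 token trusts the broker rather than the user's credentials, so it has to check who issued the token, when it is valid, and whom it is for. The following is an added example, not code from the original text or from VMware: the issuer, audience and sample assertion are constructed, and XML signature verification is assumed to have already succeeded.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion; issuer, subject and audience are made up.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_example" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Issuer>https://sts.example.test/sso</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction>
      <saml:Audience>https://inventory.example.test</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

def _ts(value):
    # Whole-second UTC xs:dateTime only; anything else raises ValueError.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def check_assertion(xml_text, trusted_issuers, my_audience, now):
    """Return (subject, None) if acceptable, else (None, reason).
    Assumes the XML signature was already verified against the broker's key."""
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml:Issuer", default="", namespaces=NS).strip()
    if issuer not in trusted_issuers:
        return None, "untrusted issuer"
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        return None, "missing Conditions"
    try:  # stricter than the spec: both bounds are required here
        not_before, not_after = _ts(cond.get("NotBefore", "")), _ts(cond.get("NotOnOrAfter", ""))
    except ValueError:
        return None, "bad validity window"
    if now < not_before:
        return None, "not yet valid"
    if now >= not_after:
        return None, "expired"
    restrictions = cond.findall("saml:AudienceRestriction", NS)
    if not restrictions:
        return None, "no audience restriction"
    for r in restrictions:  # every restriction must name this service
        if my_audience not in [(a.text or "").strip() for a in r.findall("saml:Audience", NS)]:
            return None, "wrong audience"
    subject = root.findtext("saml:Subject/saml:NameID", default="", namespaces=NS).strip()
    return (subject, None) if subject else (None, "missing subject")
```

The audience check is what stops a token issued for one component from being replayed against another that trusts the same broker.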