While the concept of authenticating the user is (quite) well accepted, the concept of authorizing and assigning roles to a given user is still a concept that not everybody is familiar with.
Let me recap it again: authentication is the process of identifying the user (who are you?) and authorization is the process of granting access to a given resource (what can you do?).
SecurePass relief the system administrator(s) to identifying securely the user connecting to a given application or a given security device. SecurePass’ web single sign-on feature is a great tool to identify once the end-user while enabling access to every company’s web applications.
It’s still system administrators’ responsibility to grant access to specific resources. The new Apache SecurePass module is intended to address the authorization part, especially when more parties collaborates in a single application.
This great article explains you how:
http://alorenzi.netsons.org/alorenzi/doku.php?id=securepass_module_for_apache
The Apache SecurePass authorization module is ready to embrace the new releases of SecurePass: in future, system administrators’ will be able to manage corporate groups and policies, plus cross-corporation groups.
Stay tune for more in 2013!