VMware introduces vCenter Single Sign-On with vSphere 5.1. This solution creates a new layer between the vSphere solutions and the customer's identity sources. The figure below shows where vCenter Single Sign-On is positioned.
The vCenter Single Sign-On server is the vSphere platform service that sits between the vSphere solutions, such as vSphere Web Client, vCenter, vCloud Director, etc., and the identity sources that are available within the customer infrastructure.
vCenter Single Sign-On has been introduced within the vSphere environment for the following reasons:
· Provide one single sign-on solution for authentication across all management applications;
· Support for multiple user identity repository solutions;
· One central point for authorization and auditing within the vSphere environment;
· Trust between components using token exchange, instead of each solution having its own identity creation and authorization process;
· Support for open standard authentication protocols: SAML 2.0 and WS-Trust.
Besides the improvements mentioned above, vCenter Single Sign-On can now also be deployed in a more resilient setup. This results in a high level of availability for authentication in the vSphere environment.
For more information about the vCenter Single Sign-On server, see “vSphere 5.1 – What’s New vCenter Server”.