Single Sign-On Integration in a Distributed Enterprise Service Bus

Service-oriented architecture supports the dynamic establishment of composite services issued from different organizations and delivers a large spectrum of innovative services. In such distributed environment, authentication and authorization processes require flexible access control to deal with heterogeneous services´ directories and dynamic network of identity providers. Federated identity management and single sign-on (SSO) approaches enable identity management, authentication and access control. Unfortunately they are designed to operate in static and pre-defined collaboration scenarios and thus fail to cope with on the fly composition of services. In this paper we discuss the limitations of these approaches and then we present a solution that incorporates dynamic federated identity management and advanced authorization mechanism. We implement the solution through PEtAIS enterprise service bus (ESB) which is an open source highly distributed service-oriented middleware.