Can you expand on the Bakery+LDAP issues? And, maybe file it as an issue? ;)
-- Greg Knaddison | 720-310-5623 | http://growingventuresolutions.com Mastering Drupal | http://www.masteringdrupal.com On Wed, Jan 5, 2011 at 9:20 AM, antgiant <antgiant+drupalde...@gmail.com> wrote: > Bakery is what Drupal.org and groups.drupal.org uses for SSO. However, be > warned that it doesn't play nice with the LDAP modules and if your user's > clock is off by more than you session expiration amount they will only be > able to log in with firefox. > > > On Wed, Jan 5, 2011 at 10:00 AM, Dave Metzler <metzler...@gmail.com> wrote: >> >> Not sure I agree with this statement. SSO does not demand the sharing of >> the sessions table, but there are some things you will want to consider how >> you will share across the sites.... Such assail address and profile >> pictures. Anyway, this is starting to sound like a support question more >> than a development question... you might get better answers about how >> people use the products on the support forums and lists. >> >> The CAS module provides some minimal functionality for saying, if you're >> logged into site A then you are logged into site B as well. >> >> Sent from my iPad >> >> On Jan 4, 2011, at 9:51 PM, "Roberto Gorjão" <robe...@asenseofdesign.com> >> wrote: >> >> > Hi Paolo, >> > >> >> The SSO must permits us to: >> >> >> >> 1) Normalize already registered users and automatically get them access >> >> to >> >> all site's network. >> >> 2) Same thing as before but for new registered users. >> >> >> > >> > 1- SSO doesn't "normalize" already registered users. As each database >> > has, >> > currently, it's users table, you'll have to merge users of all future >> > "client" sites into the users table of the future "controller" site. >> > Then, >> > when setting up SSO, only this last users table will be used and the >> > others may even be dropped. >> > >> > 2- New users will be registered on the controller site users table, that >> > will be shared with all the client sites. Therefore, yes, users will be >> > "normalized" and get automatic access to all sites. >> > >> >> >> >> Openid could be a solution ? >> > >> > It wouldn't. SSO also permits the sharing of the "sessions" table, which >> > is essential for the simultaneous login to work. That wouldn't happen >> > with >> > Openid that would login the user just on the one site he's logging in >> > to. >> > >> > HTH >> > >> > Roberto >> > >> > > >
