hi martin, authenticating against cas in plone is implemented using CAS4PAS (http://dev.plone.org/collective/browser/Products.CAS4PAS) and collective.castle (http://dev.plone.org/collective/browser/collective.castle). the collective.castle has a stable branch that exposes CAS4PAS configuration as a plone control panel.
note that these two enable plone to authenticate a plone site against a cas server, not to act as one. we have been using the two packages and they work. we do authorization against an LDAP server but i suppose it may be possible to authz against source users as well as long as there's a common user ID. shurik Martin Aspeli wrote: > > Wichert Akkerman wrote: >> Previously Martin Aspeli wrote: >>> Hi all, >>> >>> I have a Plone site that will maintain a member database and content. >>> One part of the site will go off to a "white labelled" (i.e. same style >>> sheet and template) shop system hosted by a third party, on completely >>> separate infrastructure. The shop will live on shop.domain.com and the >>> Plone site on domain.com. >>> >>> I would like to support single sign-on and shared member data across >>> these two sites. In particular, users should only sign onto the Plone >>> site. When they enter the shop, they should appear logged in there if >>> they were logged into the Plone site (if they're not, there'll be a "log >>> in" link that goes back to the Plone site). Member data should only be >>> held in one place, the Plone site. >> >> This sounds like something where CAS, possibly in combination with LDAP, >> provides an out-of-the-box solution. > > You mean http://www.ja-sig.org/products/cas? > > Do we have any examples of this used in Plone? > > Thanks! > > Martin > > -- > Author of `Professional Plone Development`, a book for developers who > want to work with Plone. See http://martinaspeli.net/plone-book > > > _______________________________________________ > Product-Developers mailing list > [email protected] > http://lists.plone.org/mailman/listinfo/product-developers > > -- View this message in context: http://www.nabble.com/-Product-Developers--Single-sign-on-across-heterogenuous-systems-tp18205059s20094p18224205.html Sent from the Product Developers mailing list archive at Nabble.com. _______________________________________________ Product-Developers mailing list [email protected] http://lists.plone.org/mailman/listinfo/product-developers
