Sorry if this is a bit off topic, but I'm curious if anyone has experience building single sign on solutions that span multiple technologies, especially if Shiro is involved. Here's what I'd like to do:
* I have built a custom java application and web service that uses Shiro for authentication * User information is currently stored in MySQL and accessed via Hibernate * I'm adding a new feature to allow clients to have a hosted web site/blog/CMS * I want clients to be able to use CMS technologies they are familiar with, such as Drupal or Wordpress * These CMS solutions maintain their own database of users * I'd like to replace the native Drupal or Wordpess user system with my Java app's users * An authenticated user should still have all Drupal/Wordpress features * An authenticated user should be able to login at either my java app or at the CMS site and transition between them without logging in again I just started looking into this and found a SSO solution for Drupal based on CAS, which is a Java-based SSO solution: http://www.longsight.com/blog/drupal-cas-single-sign-on https://wiki.jasig.org/display/CAS/Home However, this doesn't feel like the right direction to go. I feel like I should put my energy into OAuth, OpenID, or similar technologies. What do you think? Thanks, Tauren
