Jose Luis de la Rosa Triviño wrote at 2007-2-19 13:07 +0100: >I need to implement a SSO solution for Moodle and Zope. My use case is: > >1. The user logs in Zope. >2. Zope logs in Moodle (in behalf of the user) and forwards the >authentication cookie to the client. > >I suppose that the user has the same credentials in Zope and Moodle. > >I'm trying to implement a script like the one shown below but it seems >too tricky and it does not work. Has anybody implemented this kind of >sso with zope and moodle or whatever?
We perform a remote login from one Zope instance on another Zope instance. The remote login puts the user identity into an encrypted token (together with a timestamp, to make replay attacks more difficult) and sends it to the second instance. This decrypts and checks the token and then performs its own login based on the user identity information. The same will work with any systems, not only Zope ones. -- Dieter _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )