[consulting] consulting Digest, Vol 53, Issue 30

Bill Fitzgerald bill at funnymonkey.com
Sun Jun 27 15:33:53 UTC 2010 

We have done a fair amount of integration work between Drupal and other 
apps, including Moodle - the feedback about LDAP is spot-on.

"Single sign on" means different things to different people, and any 
implementation can quickly get lost in the weeds - does "SSO" mean a 
common identity across all sites? Does it mean "log in to one site, and 
automatically get logged in to X other sites"? Does it mean a shared 
username password? And on the back-end, does this mean that there are 
multiple sources of user data that get synched (and if the answer is 
yes, RUN!) or a single data source used by all apps for authentication?

And what happens when someone logs out?

LDAP authentication against a single authoritative source of user data 
provides an excellent starting point. Once this is in place, you'll be 
in a better position to evaluate what your org needs. And, in the 
process, you can use the roll out to get your user data into one place, 
and in good shape.

Cheers,

Bill

On 6/27/10 12:19 AM, Sami Khan wrote:
> On Sat, 2010-06-26 at 10:42 -0500, Sarah Poger Gladstone wrote:
>
>    
>> Any ideas/pointers for a successful roll-out of a Drupal site using
>> OpenID with a _very_ low-tech crowd?
>>
>>      
> I would not bother with OpenID. It's too difficult to use and as a
> protocol a brainf* to debug. I am not sure about how far the OpenID
> server in Drupal has come along, but last time I used it I was not
> impressed. Just roll out LDAP and they can have one login/password for
> your site and you're done.
>
> Regards,
> Sami
>
>
>    
>> -Sarah
>>
>>
>>
>>
>> On Fri, Jun 25, 2010 at 12:45 AM, Sami Khan<sami at etopian.net>  wrote:
>>          LDAP:
>>
>>          http://docs.moodle.org/en/LDAP_authentication
>>
>>          http://drupal.org/project/ldap_provisioning
>>
>>          http://drupal.org/project/ldap_integration
>>
>>          Regards,
>>          Sami
>>
>>          On Fri, 2010-06-25 at 00:29 -0500, Sarah Poger Gladstone
>>          wrote:
>>
>>
>>          >  The level of integration I am looking for is just
>>          single-sign on so
>>          >  that anyone with a Drupal user name and password can
>>          seamlessly log
>>          >  into Moodle.   Then picking a similar color scheme for the
>>          Moodle
>>          >  theme so that it compliments the Drupal theme.
>>          >
>>          >  I am NOT planning to tie content from from one to the other,
>>          or any
>>          >  other connectivity.
>>          >
>>          >  Some links I have looked at for single sign on:
>>          >  http://drupal.org/project/moodle    and
>>          >  http://moodle.org/mod/data/view.php?d=13&rid=2941&filter=1
>>          >
>>          >  Thanks,
>>          >  Sarah
>>          >
>>          >  On Thu, Jun 24, 2010 at 1:16 PM, Sami Khan
>>          <sami at etopian.net>  wrote:
>>          >  >  On Thu, 2010-06-24 at 11:06 -0400, Joe Murray wrote:
>>          >  >
>>          >  >>  Just to echo parts of what Sami and Tim are saying: try
>>          to keep the
>>          >  >>  level of integration required between the Moodle and
>>          Drupal/CiviCRM
>>          >  >>  parts of the site to a minimum. Where it is necessary,
>>          try to make it
>>          >  >>  as thin and standardized as possible, or as loose and
>>          distant as
>>          >  >>  possible. For example, give Moodle and Drupal/CiviCRM
>>          complementary
>>          >  >>  but separate branding, so you don't have to replicate
>>          changes in both
>>          >  >>  environments, especially not simultaneously. It might
>>          even be good to
>>          >  >>  make one application a subdomain, eg
>>          crm.mycongregation.org. Also, you
>>          >  >>  might want to try to avoid developing integrated login by
>>          using LDAP
>>          >  >>  for single sign-on, though of course setting that up for
>>          Moodle and
>>          >  >>  Drupal / CiviCRM can be its own small kettle of fish. The
>>          objective as
>>          >  >>  I see it would be to avoid having to maintain middleware
>>          code that
>>          >  >>  would have to be kept in synch with two or more projects
>>          that each has
>>          >  >>  its own upgrade cycle.
>>          >  >
>>          >  >  Agree. The problem is that there is no middle ware. Any
>>          such work often
>>          >  >  ends up corrupting one of the systems with tons of hacks
>>          that are not
>>          >  >  easily maintained. Also, it never looks like one app and
>>          expending
>>          >  >  resources to make it look like one is a waste of time.
>>          >  >
>>          >  >>
>>          >  >>  As this is starting to become fairly complex but is
>>          really useful for
>>          >  >>  your vertical, you might want to make it into a SaaS
>>          offering so that
>>          >  >>  the setup and maintenance costs (and expertise) can be
>>          reduced through
>>          >  >>  scale and allocated to more customers.
>>          >  >
>>          >  >  Agree.
>>          >  >
>>          >  >  _______________________________________________
>>          >  >  consulting mailing list
>>          >  >  consulting at drupal.org
>>          >  >  http://lists.drupal.org/mailman/listinfo/consulting
>>          >  >
>>          >
>>          >
>>          >
>>
>>
>>          _______________________________________________
>>          consulting mailing list
>>          consulting at drupal.org
>>          http://lists.drupal.org/mailman/listinfo/consulting
>>
>>
>>
>>
>> -- 
>> Sarah Gladstone
>> main: 312-970-0613
>> direct: 312-933-9275
>> skype: sarah.gladstone
>> Pogstone Inc.
>> www.pogstone.com
>>
>>
>>
>>      
>
> _______________________________________________
> consulting mailing list
> consulting at drupal.org
> http://lists.drupal.org/mailman/listinfo/consulting
>

More information about the consulting mailing list