<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">If you go the pubcookie route be aware that it will require some comfort and/or familiarity with compiling from source as it is highly unlikely you will find a compiled pubcookie apache module for your distribution/version of apache. Additionally the shared key pubcookie setup requires some familiarity with ssl-certs some of these can be self signed for the server-to-server chatter, but the client facing side login server should have a publicly signed cert for usability reasons.<div><br></div><div>This will apply for each application server in your stack that is using pubcookie.</div><div><br></div><div>Jeff</div><div><br><div><div>On Aug 6, 2009, at 11:48 AM, Robert Wohleb wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">You'll need an SSO provider. I'd recommend looking into something like <a href="http://drupal.org/project/pubcookie">http://drupal.org/project/pubcookie</a>. I haven't used it, but my understanding is that you setup the pubcookie provider that is linked with your LDAP install, then all of your sites just use pubcookie.<br> <br>~Rob<br><br><div class="gmail_quote">On Thu, Aug 6, 2009 at 7:16 AM, antgiant <span dir="ltr"><<a href="mailto:antgiant%2BdrupalDevel@gmail.com">antgiant+drupalDevel@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Thank you. However, we're already using that and it doesn't provide any SSO functionality.<div><div></div><div class="h5"><br><br><div class="gmail_quote">On Thu, Aug 6, 2009 at 10:14 AM, Ken Rickard <span dir="ltr"><<a href="mailto:agentrickard@gmail.com" target="_blank">agentrickard@gmail.com</a>></span> wrote:<br> <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><a href="http://drupal.org/project/ldap_integration" target="_blank">http://drupal.org/project/ldap_integration</a> and its ilk.<br> <div><div></div><div><br> On Thu, Aug 6, 2009 at 9:13 AM, antgiant<<a href="mailto:antgiant%2BdrupalDevel@gmail.com" target="_blank">antgiant+drupalDevel@gmail.com</a>> wrote:<br> > We have several drupal installs that all use the same LDAP setup for<br> > authentication. We would like to setup Single Sign On for all of those<br> > sites, but it is not feasible for us to use a shared database.<br> > Additionally, we are using LDAP groups to create the Drupal roles. Any<br> > advice on how to accomplish this? Thanks in advance.<br> <br> <br> <br> </div></div><font color="#888888">--<br> Ken Rickard<br> <a href="mailto:agentrickard@gmail.com" target="_blank">agentrickard@gmail.com</a><br> <a href="http://ken.therickards.com" target="_blank">http://ken.therickards.com</a><br> </font></blockquote></div><br> </div></div></blockquote></div><br></blockquote></div><br></div></body></html>