Bakery is what Drupal.org and <a href="http://groups.drupal.org">groups.drupal.org</a> uses for SSO. However, be warned that it doesn't play nice with the LDAP modules and if your user's clock is off by more than you session expiration amount they will only be able to log in with firefox.<br>
<br><br><div class="gmail_quote">On Wed, Jan 5, 2011 at 10:00 AM, Dave Metzler <span dir="ltr"><<a href="mailto:metzler.dl@gmail.com">metzler.dl@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Not sure I agree with this statement. SSO does not demand the sharing of the sessions table, but there are some things you will want to consider how you will share across the sites.... Such assail address and profile pictures. Anyway, this is starting to sound like a support question more than a development question... you might get better answers about how people use the products on the support forums and lists.<br>
<br>
The CAS module provides some minimal functionality for saying, if you're logged into site A then you are logged into site B as well.<br>
<br>
Sent from my iPad<br>
<div><div></div><div class="h5"><br>
On Jan 4, 2011, at 9:51 PM, "Roberto Gorjão" <<a href="mailto:roberto@asenseofdesign.com">roberto@asenseofdesign.com</a>> wrote:<br>
<br>
> Hi Paolo,<br>
><br>
>> The SSO must permits us to:<br>
>><br>
>> 1) Normalize already registered users and automatically get them access to<br>
>> all site's network.<br>
>> 2) Same thing as before but for new registered users.<br>
>><br>
><br>
> 1- SSO doesn't "normalize" already registered users. As each database has,<br>
> currently, it's users table, you'll have to merge users of all future<br>
> "client" sites into the users table of the future "controller" site. Then,<br>
> when setting up SSO, only this last users table will be used and the<br>
> others may even be dropped.<br>
><br>
> 2- New users will be registered on the controller site users table, that<br>
> will be shared with all the client sites. Therefore, yes, users will be<br>
> "normalized" and get automatic access to all sites.<br>
><br>
>><br>
>> Openid could be a solution ?<br>
><br>
> It wouldn't. SSO also permits the sharing of the "sessions" table, which<br>
> is essential for the simultaneous login to work. That wouldn't happen with<br>
> Openid that would login the user just on the one site he's logging in to.<br>
><br>
> HTH<br>
><br>
> Roberto<br>
><br>
><br>
</div></div></blockquote></div><br>