If you go the pubcookie route be aware that it will require some comfort and/or familiarity with compiling from source as it is highly unlikely you will find a compiled pubcookie apache module for your distribution/version of apache. Additionally the shared key pubcookie setup requires some familiarity with ssl-certs some of these can be self signed for the server-to-server chatter, but the client facing side login server should have a publicly signed cert for usability reasons.

This will apply for each application server in your stack that is using pubcookie.

Jeff

On Aug 6, 2009, at 11:48 AM, Robert Wohleb wrote:

You'll need an SSO provider. I'd recommend looking into something like http://drupal.org/project/pubcookie. I haven't used it, but my understanding is that you setup the pubcookie provider that is linked with your LDAP install, then all of your sites just use pubcookie.

~Rob

On Thu, Aug 6, 2009 at 7:16 AM, antgiant <antgiant+drupalDevel@gmail.com> wrote:
Thank you.  However, we're already using that and it doesn't provide any SSO functionality.


On Thu, Aug 6, 2009 at 10:14 AM, Ken Rickard <agentrickard@gmail.com> wrote:
http://drupal.org/project/ldap_integration and its ilk.

On Thu, Aug 6, 2009 at 9:13 AM, antgiant<antgiant+drupalDevel@gmail.com> wrote:
> We have several drupal installs that all use the same LDAP setup for
> authentication.  We would like to setup Single Sign On for all of those
> sites, but it is not feasible for us to use a shared database.
>  Additionally, we are using LDAP groups to create the Drupal roles.  Any
> advice on how to accomplish this?  Thanks in advance.



--
Ken Rickard
agentrickard@gmail.com
http://ken.therickards.com