[development] How to do LDAP based SSO?

Jeffry Graham jeff at funnymonkey.com
Thu Aug 6 19:05:06 UTC 2009


If you go the pubcookie route be aware that it will require some  
comfort and/or familiarity with compiling from source as it is highly  
unlikely you will find a compiled pubcookie apache module for your  
distribution/version of apache. Additionally the shared key pubcookie  
setup requires some familiarity with ssl-certs some of these can be  
self signed for the server-to-server chatter, but the client facing  
side login server should have a publicly signed cert for usability  
reasons.

This will apply for each application server in your stack that is  
using pubcookie.

Jeff

On Aug 6, 2009, at 11:48 AM, Robert Wohleb wrote:

> You'll need an SSO provider. I'd recommend looking into something  
> like http://drupal.org/project/pubcookie. I haven't used it, but my  
> understanding is that you setup the pubcookie provider that is  
> linked with your LDAP install, then all of your sites just use  
> pubcookie.
>
> ~Rob
>
> On Thu, Aug 6, 2009 at 7:16 AM, antgiant <antgiant+drupalDevel at gmail.com 
> > wrote:
> Thank you.  However, we're already using that and it doesn't provide  
> any SSO functionality.
>
>
> On Thu, Aug 6, 2009 at 10:14 AM, Ken Rickard  
> <agentrickard at gmail.com> wrote:
> http://drupal.org/project/ldap_integration and its ilk.
>
> On Thu, Aug 6, 2009 at 9:13 AM, antgiant<antgiant+drupalDevel at gmail.com 
> > wrote:
> > We have several drupal installs that all use the same LDAP setup for
> > authentication.  We would like to setup Single Sign On for all of  
> those
> > sites, but it is not feasible for us to use a shared database.
> >  Additionally, we are using LDAP groups to create the Drupal  
> roles.  Any
> > advice on how to accomplish this?  Thanks in advance.
>
>
>
> --
> Ken Rickard
> agentrickard at gmail.com
> http://ken.therickards.com
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.drupal.org/pipermail/development/attachments/20090806/4acfc54c/attachment.htm>


More information about the development mailing list