[Product-Developers] Re: Single sign on across heterogenuous systems
Matthew Wilkes
matt at matthewwilkes.name
Tue Jul 1 11:05:20 UTC 2008
On Heisei 0020-07-01, at 082743BST, Martin Aspeli wrote:
> Yeah, that thought did cross my mind. However, I'm not sure
>
> a) how to run an openid server
I've been working on circulartriangle.openid (collective) that's
nowhere near ready as I've not had much time to play but it _does_
provide a working OpenID server for some simple by-hand testing.
> This sounds like something where CAS, possibly in combination with
> LDAP,
> provides an out-of-the-box solution.
Indeed, CAS authentication working with Plone is nice and simple, it's
in use all over bris.ac.uk and ubu.org.uk.
> I've tested shibboleth and Plone, works fine.
Also fine, although shibboleth works very differently, you often don't
get an assertion of the username, just his privileges. Bit more
hassle to set up too, although I was federating through JANET so it
may be easier to run your own federation.
Also, I've got Stanford webauth working with Plone, although the
Apache plugin can be a bit flaky.
Matt
More information about the Product-Developers
mailing list