[Product-Developers] Re: Single sign on across heterogenuous systems

shurik aleksandrv at berkeley.edu
Tue Jul 1 20:02:49 UTC 2008


hi martin,

authenticating against cas in plone is implemented using CAS4PAS
(http://dev.plone.org/collective/browser/Products.CAS4PAS) and
collective.castle
(http://dev.plone.org/collective/browser/collective.castle). the
collective.castle has a stable branch that exposes CAS4PAS configuration as
a plone control panel.

note that these two enable plone to authenticate a plone site against a cas
server, not to act as one. we have been using the two packages and they
work. we do authorization against an LDAP server but i suppose it may be
possible to authz against source users as well as long as there's a common
user ID.

shurik


Martin Aspeli wrote:
> 
> Wichert Akkerman wrote:
>> Previously Martin Aspeli wrote:
>>> Hi all,
>>>
>>> I have a Plone site that will maintain a member database and content. 
>>> One part of the site will go off to a "white labelled" (i.e. same style 
>>> sheet and template) shop system hosted by a third party, on completely 
>>> separate infrastructure. The shop will live on shop.domain.com and the 
>>> Plone site on domain.com.
>>>
>>> I would like to support single sign-on and shared member data across 
>>> these two sites. In particular, users should only sign onto the Plone 
>>> site. When they enter the shop, they should appear logged in there if 
>>> they were logged into the Plone site (if they're not, there'll be a "log 
>>> in" link that goes back to the Plone site). Member data should only be 
>>> held in one place, the Plone site.
>> 
>> This sounds like something where CAS, possibly in combination with LDAP,
>> provides an out-of-the-box solution.
> 
> You mean http://www.ja-sig.org/products/cas?
> 
> Do we have any examples of this used in Plone?
> 
> Thanks!
> 
> Martin
> 
> -- 
> Author of `Professional Plone Development`, a book for developers who
> want to work with Plone. See http://martinaspeli.net/plone-book
> 
> 
> _______________________________________________
> Product-Developers mailing list
> Product-Developers at lists.plone.org
> http://lists.plone.org/mailman/listinfo/product-developers
> 
> 

-- 
View this message in context: http://www.nabble.com/-Product-Developers--Single-sign-on-across-heterogenuous-systems-tp18205059s20094p18224205.html
Sent from the Product Developers mailing list archive at Nabble.com.





More information about the Product-Developers mailing list