[Product-Developers] Re: Single sign on across heterogenuous systems
shurik
aleksandrv at berkeley.edu
Tue Jul 1 20:02:49 UTC 2008
hi martin,
authenticating against cas in plone is implemented using CAS4PAS
(http://dev.plone.org/collective/browser/Products.CAS4PAS) and
collective.castle
(http://dev.plone.org/collective/browser/collective.castle). the
collective.castle has a stable branch that exposes CAS4PAS configuration as
a plone control panel.
note that these two enable plone to authenticate a plone site against a cas
server, not to act as one. we have been using the two packages and they
work. we do authorization against an LDAP server but i suppose it may be
possible to authz against source users as well as long as there's a common
user ID.
shurik
Martin Aspeli wrote:
>
> Wichert Akkerman wrote:
>> Previously Martin Aspeli wrote:
>>> Hi all,
>>>
>>> I have a Plone site that will maintain a member database and content.
>>> One part of the site will go off to a "white labelled" (i.e. same style
>>> sheet and template) shop system hosted by a third party, on completely
>>> separate infrastructure. The shop will live on shop.domain.com and the
>>> Plone site on domain.com.
>>>
>>> I would like to support single sign-on and shared member data across
>>> these two sites. In particular, users should only sign onto the Plone
>>> site. When they enter the shop, they should appear logged in there if
>>> they were logged into the Plone site (if they're not, there'll be a "log
>>> in" link that goes back to the Plone site). Member data should only be
>>> held in one place, the Plone site.
>>
>> This sounds like something where CAS, possibly in combination with LDAP,
>> provides an out-of-the-box solution.
>
> You mean http://www.ja-sig.org/products/cas?
>
> Do we have any examples of this used in Plone?
>
> Thanks!
>
> Martin
>
> --
> Author of `Professional Plone Development`, a book for developers who
> want to work with Plone. See http://martinaspeli.net/plone-book
>
>
> _______________________________________________
> Product-Developers mailing list
> Product-Developers at lists.plone.org
> http://lists.plone.org/mailman/listinfo/product-developers
>
>
--
View this message in context: http://www.nabble.com/-Product-Developers--Single-sign-on-across-heterogenuous-systems-tp18205059s20094p18224205.html
Sent from the Product Developers mailing list archive at Nabble.com.
More information about the Product-Developers
mailing list