Has anyone had any good experiences with setting up a single sign on system? I have been playing around with a few different systems, notably:

  • Cosign
    Pretty good but a real headache to set up. Documentation is terrible.

  • mod_auth_tkt
    Easy to install but seems to rely on 3rd party cookies which is a big negative. Documentation virtually non-existent.

I've briefly looked at Pubcookie and JOSSO, not really been inspired to even try setting them up.

I'm currently leaning towards simply having a simple "auto login" URL on every website that needs authenticating (using some hashed user info or whatever) since the underlying user database will be the same for all.

There seems to be a huge development hole in the open source SSO arena, particularly when it comes to PHP. Any good experiences or horror stories very welcome!
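The "auto login" URL idea from the post above, sketched as an added example that is not part of the original thread or of any project it names. It uses a keyed HMAC rather than a plain hash of user info, and binds each link to one target site, a short lifetime and a single use. `SSO_SECRET`, `TOKEN_TTL`, the function names and the in-memory `$seen` store are all assumptions.

```php
<?php
// Added example. SSO_SECRET, TOKEN_TTL and all function names are assumptions.
const SSO_SECRET = 'placeholder-load-32-random-bytes-from-config';
const TOKEN_TTL  = 60; // seconds a login link stays valid

// Issuing site: the user is already authenticated here.
function make_login_token(string $uid, string $audience, int $now): string {
    $payload = json_encode([
        'uid' => $uid,
        'aud' => $audience,                 // host the link is meant for
        'exp' => $now + TOKEN_TTL,          // short lifetime
        'jti' => bin2hex(random_bytes(16)), // one-time id against replay
    ]);
    // Keyed MAC, not a bare hash of user info: only holders of the secret can mint it.
    return bin2hex($payload) . '.' . hash_hmac('sha256', $payload, SSO_SECRET);
}

// Receiving site: returns the user id, or null if the token must be rejected.
// $seen stands in for a shared store of used token ids (database, memcached).
function verify_login_token(string $token, string $host, int $now, array &$seen): ?string {
    $parts = explode('.', $token);
    if (count($parts) !== 2 || !ctype_xdigit($parts[0]) || strlen($parts[0]) % 2) {
        return null;
    }
    $payload = hex2bin($parts[0]);
    // Check the MAC in constant time before trusting any field.
    if (!hash_equals(hash_hmac('sha256', $payload, SSO_SECRET), $parts[1])) {
        return null;
    }
    $c = json_decode($payload, true);
    if (!is_array($c) || !isset($c['uid'], $c['aud'], $c['exp'], $c['jti'])) {
        return null;
    }
    if ($c['aud'] !== $host || $c['exp'] < $now || isset($seen[$c['jti']])) {
        return null; // wrong site, expired, or already used
    }
    $seen[$c['jti']] = true;
    return (string) $c['uid'];
}

// Constructed demo values.
$seen  = [];
$token = make_login_token('42', 'shop.example.com', time());
var_dump(verify_login_token($token, 'shop.example.com', time(), $seen)); // first use
var_dump(verify_login_token($token, 'shop.example.com', time(), $seen)); // same link replayed
var_dump(verify_login_token($token, 'blog.example.com', time(), $seen)); // link sent to another site
```

Because the token travels in a URL, it can end up in access logs and Referer headers, which is why the expiry and single-use checks matter as much as the MAC.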

    bradgrafelman wrote:

    Sounds like we're talking about two very different types of SSO, however. :p

    Heheh, when I think of single sign on with respect to the Web, I think of OpenID.

      OpenID gives you a common "profile" for participating websites. The SSO I refer to is more in line with bradgrafelman's post. Things like Cosign typically have a data store using OpenID (or LDAP, or anything you like), but also allow a single login action to allow access to multiple domains (via service cookies).
