Multisite application with single sign in across domains in Rails?

Question

I have to develop multisite application with single sign on across domains (something like google account with multiple google services like gmail,docs,google+):

• To use childen sites user must to sign up on parent site.
• Each site have its own logic except user sign in, points and invoices.
• From child application I must be able to sign in to global user account, spend user points and generate invoice for some service.
• Sign up form, listing of invoices and panel for managing points are avaiable only from parent site/application.

What is the best strategy for implementing this on Rails 3.1? Scalability, performance and security are important.

• Single or multiple rails applications?
• Single or multiple databases?
• Global services in main application or as a separate applications/engines?
• How to implement single sign in? Single session id in DB or something like facebook oauth?
• How to implement spending points and generating invoices as a result of request from child site?

Answer 1

You should be able to implement this using OmniAuth with multiple (and independent) Rails applications. These will be of interest:

• https://github.com/joshsoftware/sso-devise-omniauth-client
• https://github.com/joshsoftware/sso-devise-omniauth-provider

Blog post on the subject: http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/