Q: How would you create an SSO? What would you do about authentication (separate app or same as SSO) and user store?
Background info:
We have 40+ PHP apps, Java apps and Ruby apps.
Currently, we have a custom SSO+authentication solution. It's an app written in PHP that is now used as SSO, while supporting email/username/phone-number + password as authentication. It works, but was built for a few apps only, not originally meant to be the SSO solution. It doesn't have a usable view; every app creates its own login/register forms and uses the API. They share context and we'd like a more universal design.
Now we know we want to support OAuth and OpenID solutions, such as Facebook Connect, Google and more (or do we really?), in addition to existing authentications. We can expand the existing PHP solution, but we are considering alternatives.
If you were to do all this in Ruby, what would you do?
Some additional info:
As you see, I have a lot of questions. What would you suggest?
In a previous job we used Jasig CAS for SSO (several apps in Java and Python). After getting over some quirks in the configuration and my dislike of all things Java, it actually worked pretty well. At the time I found the wiki to be a valuable resource, but things might have changed in the last year.
Authentication was handled via a separate app (custom) using an OpenLDAP directory that was preinitialized with a script that got user info out of an AD server.
Regarding the actual server, you might actually want to use the Jasig one; IIRC it's the reference implementation and is easy to customize via a Maven overlay.