shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tauren Mills <>
Subject SSO for non-Java apps
Date Fri, 24 Sep 2010 20:29:02 GMT
Sorry if this is a bit off topic, but I'm curious if anyone has
experience building single sign on solutions that span multiple
technologies, especially if Shiro is involved. Here's what I'd like to

* I have built a custom java application and web service that uses
Shiro for authentication
* User information is currently stored in MySQL and accessed via Hibernate
* I'm adding a new feature to allow clients to have a hosted web site/blog/CMS
* I want clients to be able to use CMS technologies they are familiar
with, such as Drupal or Wordpress
* These CMS solutions maintain their own database of users
* I'd like to replace the native Drupal or Wordpess user system with
my Java app's users
* An authenticated user should still have all Drupal/Wordpress features
* An authenticated user should be able to login at either my java app
or at the CMS site and transition between them without logging in

I just started looking into this and found a SSO solution for Drupal
based on CAS, which is a Java-based SSO solution:

However, this doesn't feel like the right direction to go. I feel like
I should put my energy into OAuth, OpenID, or similar technologies.
What do you think?


View raw message