shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tauren Mills <tau...@groovee.com>
Subject SSO for non-Java apps
Date Fri, 24 Sep 2010 20:29:02 GMT
Sorry if this is a bit off topic, but I'm curious if anyone has
experience building single sign on solutions that span multiple
technologies, especially if Shiro is involved. Here's what I'd like to
do:

* I have built a custom java application and web service that uses
Shiro for authentication
* User information is currently stored in MySQL and accessed via Hibernate
* I'm adding a new feature to allow clients to have a hosted web site/blog/CMS
* I want clients to be able to use CMS technologies they are familiar
with, such as Drupal or Wordpress
* These CMS solutions maintain their own database of users
* I'd like to replace the native Drupal or Wordpess user system with
my Java app's users
* An authenticated user should still have all Drupal/Wordpress features
* An authenticated user should be able to login at either my java app
or at the CMS site and transition between them without logging in
again

I just started looking into this and found a SSO solution for Drupal
based on CAS, which is a Java-based SSO solution:
http://www.longsight.com/blog/drupal-cas-single-sign-on
https://wiki.jasig.org/display/CAS/Home

However, this doesn't feel like the right direction to go. I feel like
I should put my energy into OAuth, OpenID, or similar technologies.
What do you think?

Thanks,
Tauren

Mime
View raw message