From owner-freebsd-questions@FreeBSD.ORG Fri Jul 17 20:22:32 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A201C10656E1 for ; Fri, 17 Jul 2009 20:22:32 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: from mx1.identry.com (on.identry.com [66.111.0.194]) by mx1.freebsd.org (Postfix) with ESMTP id 542BA8FC15 for ; Fri, 17 Jul 2009 20:22:32 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: (qmail 62313 invoked by uid 89); 17 Jul 2009 20:22:51 -0000 Received: from unknown (HELO ?192.168.1.110?) (jalmberg@75.127.142.66) by mx1.identry.com with ESMTPA; 17 Jul 2009 20:22:51 -0000 In-Reply-To: <200907160903.19369.mel.flynn+fbsd.questions@mailing.thruhere.net> References: <9AA14F8C-6061-4E64-895A-C8D047F40A74@identry.com> <20090716105439.2efdc1bf.wmoran@potentialtech.com> <200907160903.19369.mel.flynn+fbsd.questions@mailing.thruhere.net> Mime-Version: 1.0 (Apple Message framework v753.1) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <6D9DA8E2-B0F1-4BDD-A888-968F68724DFC@identry.com> Content-Transfer-Encoding: 7bit From: John Almberg Date: Fri, 17 Jul 2009 16:22:29 -0400 To: Mel Flynn X-Mailer: Apple Mail (2.753.1) Cc: freebsd-questions@freebsd.org Subject: Re: SSO solution in ports? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jul 2009 20:22:33 -0000 Well, after a week of looking, I think I am going to go with a CAS solution, rubycas-server and rubycas-client. This supports several methods of authentication, including SQL, ActiveDirectory, LDAP, and GoogleAccounts. SQL is probably good enough for my application at the moment, but the LDAP option might come in handy someday. And it integrates nicely with Rails apps, which is my target platform. I looked at OpenID, which Rails also has good support for, but to my mind, it's just too complicated for the average user to use. I remember the first time I had to set one up, it was quite difficult to understand what it was they were looking for. I think it would scare away the average, non-technical, website user. Thanks for the ideas! Brgds: John On Jul 16, 2009, at 1:03 PM, Mel Flynn wrote: > On Thursday 16 July 2009 06:54:39 Bill Moran wrote: >> In response to John Almberg : >>> I am trying to build a set of web applications that are accessed >>> through a web portal that uses a Single Sign On (SSO) solution. >>> Problem is, there are MANY competing SSO solutions. Since building >>> the client side of the SSO system is more than enough for me, I was >>> wondering if there are any SSO servers in ports that I can just >>> install and use? A CAS solution would be the best, but I'll look at >>> anything. >> >> The most widely supported I know of is LDAP, and OpenLDAP works >> pretty >> well. > > That won't really work as LDAP can't read a browser cookie or > maintain session > information. LDAP is a good choice as storage backend. > > Your best bet is probably to use an OpenID based solution, as > support for this > sign on method is growing in web applications, so you lessen the > chance of > having to maintain your custom glue into the application. The > security/phpmyid > port is one implementation that allows you to run your own OpenID > server. > > http://openid.net/ > -- > Mel > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Websites and Marketing for On-line Collectible Dealers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ IDENTRY, LLC John Almberg - Managing Partner (631) 546-5079 jalmberg@identry.com www.identry.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~