From owner-freebsd-questions@FreeBSD.ORG Thu Jul 16 17:03:22 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0C380106566B for ; Thu, 16 Jul 2009 17:03:22 +0000 (UTC) (envelope-from mel.flynn+fbsd.questions@mailing.thruhere.net) Received: from mailhub.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id CE9938FC0A for ; Thu, 16 Jul 2009 17:03:21 +0000 (UTC) (envelope-from mel.flynn+fbsd.questions@mailing.thruhere.net) Received: from smoochies.rachie.is-a-geek.net (mailhub.lan.rachie.is-a-geek.net [192.168.2.11]) by mailhub.rachie.is-a-geek.net (Postfix) with ESMTP id 6AF1E7E818 for ; Thu, 16 Jul 2009 09:03:20 -0800 (AKDT) From: Mel Flynn To: freebsd-questions@freebsd.org Date: Thu, 16 Jul 2009 09:03:19 -0800 User-Agent: KMail/1.11.4 (FreeBSD/8.0-BETA1; KDE/4.2.4; i386; ; ) References: <9AA14F8C-6061-4E64-895A-C8D047F40A74@identry.com> <20090716105439.2efdc1bf.wmoran@potentialtech.com> In-Reply-To: <20090716105439.2efdc1bf.wmoran@potentialtech.com> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200907160903.19369.mel.flynn+fbsd.questions@mailing.thruhere.net> Subject: Re: SSO solution in ports? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jul 2009 17:03:22 -0000 On Thursday 16 July 2009 06:54:39 Bill Moran wrote: > In response to John Almberg : > > I am trying to build a set of web applications that are accessed > > through a web portal that uses a Single Sign On (SSO) solution. > > Problem is, there are MANY competing SSO solutions. Since building > > the client side of the SSO system is more than enough for me, I was > > wondering if there are any SSO servers in ports that I can just > > install and use? A CAS solution would be the best, but I'll look at > > anything. > > The most widely supported I know of is LDAP, and OpenLDAP works pretty > well. That won't really work as LDAP can't read a browser cookie or maintain session information. LDAP is a good choice as storage backend. Your best bet is probably to use an OpenID based solution, as support for this sign on method is growing in web applications, so you lessen the chance of having to maintain your custom glue into the application. The security/phpmyid port is one implementation that allows you to run your own OpenID server. http://openid.net/ -- Mel