Lee Daniel Crocker <lee <at> piclab.com> writes:
Drupal has a distributed authentication system
(
http://drupal.org/node/312)...
If we did do something like this, we would probably use
a standard like LDAP or ACAP rather than a home-grown one.
I have implemented an LDAP authentication patch. It allows authentication from
multiple domains, as well as the local mysql database (it even allows the user
to choose which to authenticate against).
http://meta.wikimedia.org/wiki/LDAP_Authentication
At the current time it will authenticate, and store some user information in an
LDAP database. I plan on making an LDAP schema for user attributes so that all
user preferences and such can be stored in LDAP. With user preferences stored in
LDAP, not only will users be able to authenticate from a central location to all
supported wikis, but their preferences would also roam from wiki to wiki.
Currently unsupported is "mail me a new password", unless the wiki allows
authentication through the local database, and even then the user would not be
able to change his LDAP password (you have to remember your old password to
change it). Hopefully, this feature will be added soon.
I do believe this would be a good option for a technical Single Sign On
solution, but thats just my opinion.
Ryan Lane
NAVOCEANO