[wp-hackers] Single sign-on with Wordpress & Mediawiki

Jacob wordpress at santosj.name
Mon Oct 29 03:06:14 GMT 2007 

Sneaks wrote:
>> Yep. Shouldn't know or care. Authentication is authentication. I'm
>> saying that there should be no "primary" web application -- all the
>> auth logic should be centralized behind a common API so that logging in
>> in one place is *exactly the same* as logging in somewhere else
>> (within a single site).
>
> i'd also like to take this moment to again point out that there is a 
> big difference between having one username to login to different parts 
> of a site, and actually logging in one time for all parts of the site.
>
> most of this thread has just been about merging tabular user data, but 
> my original question was about getting other applications in the same 
> site to recognize that a user was already authenticated inside 
> application X.

Well, if you are talking about databases, then I think the issue is more 
that you won't get any project to develop a system where the 
username/password is completely separate table from all other profile 
information. Projects like phpBB (v2.x) have the entire username 
password in one table.

However, I think the solution you are talking about and I think that 
WordPress has (the code, I think has this capability, have to double 
check) is referencing which table has the username/password and what the 
field name is of each. You don't really need to know about the profile 
information (but it would be nice to not have to keep filling out the 
damn information for each project).

There are several projects that do this already. However the method for 
which to let the project know is different. Most only give you a 
function to use and call to sign the person in for that project. 
However, all of these projects would have to be on the same server or 
domain, but I'm most likely wrong about this depending on if my theory 
about PHP cookie writing is correct.


-- 

Jacob Santos

http://www.santosj.name - blog
http://wordpress.svn.dragonu.net/unittest/ - unofficial WP unit test suite.

Also known as darkdragon and santosj on WP trac.

More information about the wp-hackers mailing list