[wp-hackers] Single sign-on with Wordpress & Mediawiki
Callum Macdonald
lists.automattic.com at callum-macdonald.com
Wed Oct 31 19:33:20 GMT 2007
Travis Snoozy wrote:
> My prototype does that, but *without* being tied to OpenID -- a
> separate cookie gets set (tied to PHP session ID, so the client
> contains NO sensitive information, regardless of what's stored), and
> that is used for the basis of login. You could use a MySQL DB, flatfile,
> Passport, OpenID, or whatever other authentication means you like (even,
> potentially, allowing login through any of OpenID -or- Passport -or- a
> local DB...). Solving the SSO integration problem generically means
> that everybody wins -- not just sites that chose to use OpenID.
>
Sounds like an interesting approach.
How does the client application (say WordPress) determine if the user is
logged in from their cookie? Is it via a PHP session? If it is, I'm
guessing the applications would need to be on the same server to share
PHP sessions.
I'd be interested to see the code.
Cheers - Callum.
More information about the wp-hackers
mailing list