I'm in the midst of looking at different single sign on solutions, and I'm looking for some feedback on the relative advantages and disadvantages of the existing options -- and/or pointers toward resources I've overlooked.
Here are some of the options on my short list (in no particular order):
- The Longsight Group has a CAS-based solution.
- A pubcookie module based (obviously) on Pubcookie.
- The Single Sign On module
- OpenID -- from a thread on the development mailing list, it looks like there might be an OpenID module in the works for Drupal.
- Then, there's also Brown University's cookie-based solution, and Shibbboleth.
Currently, I'm looking most closely at OpenID and PubCookie. The eventual goal from all this is to create and document a system that allows single sign on between multiple Drupal sites, and Drupal sites and sites created in other open source apps. Ideally, these apps can reside on different servers, and in different domains (one of the key advantages of OpenID).
Thanks in advance for your ideas.