Bakery: a shared cookie soluFon Responds with example.com a/c details foo.example.com Request a/c HTTP request COOKIE Logged in Chocolate chip
Bakery is good for: BeAer usability with: MulFple Drupal sites Same domain Simple (no) user proﬁles
SSO and Security Clichéd security icon here
"ConvenFonal" SSO modules Use an independent idenFty backend Can handle more complex user proﬁles Usually provide role-‐integraFon MicrosoW Atlassian AcFve Directory Crowd LDAP
Crowd: delegated authenFcaFon Check credenFals -‐ username Crowd ID mgr: -‐ password server LDAP/ AD/??? example.com POST -‐ username Logged in -‐ password
Security best pracFce SSO can help you manage and review your admin accounts
Users: GoAa catch em all! Copyrighted image cant go here.
CollecFng users: making signup easy facebook
OpenID and user proﬁling OpenID s-‐reg supports: Drupal core supports: Nickname Nickname Email Email Full name Date of birth Gender Postcode Add with Country hook_openid Language Timezone
Summary SSO for usability: Share credenFals across sub-‐domains. SSO for security: Manage your roles and users with a dedicated IdenFty Management pla_orm. SSO for a7rac8ng users: Make it easy for visitors to become members.