0

I have a web application developed using Java (Java EE), spring & Hibernate. We are planning to use Apache Shiro for role & access management. One of our client requirement is to use some CMS functionality along with the web application, for which Drupal has been selected. Since all the users are created in the Java based web application we would like to enable Single Sign on between the Java web app and Drupal.

With the SSO enabled users of the web application should be able to access the pages (static content, blog etc.) created in Drupal.

Arjan Tijms
  • 37,782
  • 12
  • 108
  • 140
Yogesh
  • 3
  • 3

1 Answers1

1

Your best option would probably be to use CAS to handle SSO for both Drupal and Shiro. Drupal has a CAS module and Shiro can also be configured as a CAS client. You haven't provided any details in regard to exactly how your user accounts are maintained, but ideally that sort of data would be kept in a directory system such as OpenLDAP or Active Directory.

Brian Showalter
  • 4,321
  • 2
  • 26
  • 29
  • Thanks @brian CAS looks like the best option currently. The users accounts are maintained in the SQL DB of the Java web application – Yogesh Aug 17 '12 at 15:12
  • Did a lot of reading on the CAS solution proposed by you. As i understand you are suggesting that Drupal & the Java Web app be configured as CAS clients, which in turn will be connected to a CAS server. The problem im facing is that the CAS server will have to installed, configured & managed separately. – Yogesh Aug 17 '12 at 20:13
  • Yes, that's correct, CAS does require that a CAS server be configured. Drupal's CAS module provides server capabilities, but since your users are maintained in the Java web application's database, using Drupal as a CAS server may not work for you. The JASIG CAS server is a Java/Spring web application. You could add that to your Java setup and configure it to use the JDBC authentication handler to access your Java application's database to authenticate your users. – Brian Showalter Aug 18 '12 at 09:26
  • Thanks @brian. after some struggle finally managed to get the CAS Server set-up and running. Its also connected to MYSQL. The best guide can be found here http://sachinkamboj.wordpress.com/2009/07/20/configuring-a-cas-server-to-use-a-mysql-backend/#comment-5 – Yogesh Aug 18 '12 at 14:37
  • Adding some more elements which may be useful while configuring a CAS server. If you are using some hashing of the passwords stored in a DB then this is useful while configuring CAS Server - http://developers-and-admins-of-statusnet.38116.n3.nabble.com/A-question-on-QueryDatabaseAuthenticationHandler-of-CAS-td1943363.html also this has some good pointers http://jasig.275507.n4.nabble.com/Reg-MD5-password-encoding-to-Mysql-from-CAS-td1840028.html – Yogesh Aug 18 '12 at 14:39