Single sign-on: What every Drupal developer should know

Speakers: 
jludwig

An exploration of ways to implement an SSO Service Provider using Drupal

If your Drupal site requires authentication for end users to gain access to everything it has to offer, you should consider implementing some sort of SSO. Think about it: when you reach a site that requires registration, what do you do? You waste some time filling out a form and either you create a new username/password combo and store it in memory (reducing mental hard drive space) or some password storage service (imperfect), or you go grab into your mental bag of re-used passwords (insecure). If you're like me, you move on to another site. That's were SSO comes in. Wasn't it nice logging into https://austin2014.drupal.org with your d.o username and password instead of going through the dreaded account creation process? Well, that is SSO right there! You can have something like that on your Drupal site and it could potentially be as easy as installing a module.

A roadblock that prevents many people from implementing some form of SSO on their site is that there are so many options available, each with their own pros and cons, level of difficulty, target audience, and use cases. In this session, we will:

  • differentiate between 'web' or 'public facing' SSO, generally used for things like online communities, e-commerce, news sites, etc. and 'enterprise' or 'internal' SSO, used to connect a Drupal site to your organization's IdP or to allow people from other organizations to access your site
  • learn about the primary technologies used for both types, with a detailed analysis of key features, potential drawbacks, what Drupal provides, and general difficulty level of implementation
  • learn how to evaluate what SSO technology best fits your user base and what implementation methodology best matches your needs

When you walk out of the session, you will have the knowledge needed to make an informed decision on an SSO solution for your Drupal site.

Note

This session focuses on as a Service Provider (SP; the site/application that the end user wishes to access) rather than as an Identity Provider (IdP; what actually holds/provides the user data).

Audience

Some of the concepts covered in this session are intermediate-level (hence the Experience Level tag), but it's geared towards people with little to no knowledge about single sign-on.

Schedule info
Track: 
Coding and Development
Experience level: 
Intermediate
Drupal Version: 
N/A