My company has a website now
And you can see it at http://www.netmanagers.com.ar.
It's Spanish only right now, but that will change in a week or so.
It was an interesting job, because we are using three web apps written in three different languages (php/python/perl) and I wanted to provide our customers with a single login for all three.
It was a bit of effort, but educational :-D
In other news, there is now a "Tipit" link on each post. What's that for? Well, you can use it to give me money. You get to be listed as "guy that gave Roberto money", too (as soon as there is one ;-).
Cool! Care to tell a bit about how you solved the multiple login issue?
I'll make a new post about it in a while, but here's the basic idea.
The login system I wanted to use was provided by the CMS, and worked by setting a cookie with a value you use to look up the user in the DB, in a sessions table.
So, I wanted to use that information to log the user into the other apps.
I did it in two different ways.
In one case, I could not really modify the app, because it's written in Perl.
So, I wrote two CGIs, one to login, one to logout.
The login CGI checks the CMS cookie, figures out the user, sets a cookie as the app wants it, and adds an entry on its DB (a BDB hash, really) with the information about the user.
Then it redirects the browser to the real app page.
Since for this app it seems the user is logged in already, it skips the login, and that's it.
Then catch with an Apache redirect the logout from the app, send it to the logout CGI, which removes the app's cookie and redirects to the CMS logout page.
For the other app, I could hack it (it was in Python) so I did it a bit differently:
I hacked the app so it would recognize the CMS's cookie instead of its own, and created a view in the CMS DB that presents the CMS's users in the way the app prefers them.
In this way, it uses exactly the same information as the frontend.
Again, I needed to catch the logout request and redirect to the CMS's logout page.
It's a bit vague, but I am a bit scared of mentioning the apps or how exactly I did it :-D
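The login/logout bridge described in the comment above, as an added sketch that is not the author's code. The cookie names, URLs, and sessions-table layout are assumptions, an in-memory SQLite table stands in for the CMS DB, and a dict stands in for the app's BDB hash.

```python
import secrets
import sqlite3
from http.cookies import SimpleCookie

# Assumed names (not from the post): cookie names, table layout, URLs.
CMS_COOKIE, APP_COOKIE = "cms_sid", "app_sid"
APP_URL, CMS_LOGIN_URL, CMS_LOGOUT_URL = "/app/", "/cms/login", "/cms/logout"

def _cookie(header, name):
    jar = SimpleCookie()
    jar.load(header or "")
    return jar[name].value if name in jar else None

def _set_cookie(name, value, max_age=None):
    attrs = "Path=/; HttpOnly; Secure; SameSite=Lax"
    if max_age is not None:
        attrs += f"; Max-Age={max_age}"
    return ("Set-Cookie", f"{name}={value}; {attrs}")

def bridge_login(cms_db, app_sessions, cookie_header, now):
    """Login CGI: map a valid CMS session onto a fresh app session."""
    sid = _cookie(cookie_header, CMS_COOKIE)
    # Parameterized lookup; expiry is checked server-side. A missing
    # cookie binds NULL, which matches no row.
    row = cms_db.execute(
        "SELECT username FROM sessions WHERE sid = ? AND expires > ?",
        (sid, now)).fetchone()
    if row is None:
        return 302, [("Location", CMS_LOGIN_URL)]
    # Mint a new random token rather than reusing the CMS cookie value,
    # so a leak from the app's store does not expose CMS sessions.
    token = secrets.token_urlsafe(32)
    app_sessions[token] = {"user": row[0]}
    # Redirect target is fixed, never taken from the request.
    return 302, [_set_cookie(APP_COOKIE, token), ("Location", APP_URL)]

def bridge_logout(app_sessions, cookie_header):
    """Logout CGI: drop the app session, then hand off to the CMS logout."""
    token = _cookie(cookie_header, APP_COOKIE)
    if token:
        app_sessions.pop(token, None)
    return 302, [_set_cookie(APP_COOKIE, "", max_age=0),
                 ("Location", CMS_LOGOUT_URL)]

def make_cms_db():
    """Constructed sample data standing in for the CMS sessions table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sessions (sid TEXT PRIMARY KEY, username TEXT, expires INTEGER)")
    db.executemany("INSERT INTO sessions VALUES (?, ?, ?)",
                   [("good-sid", "alice", 2000), ("old-sid", "bob", 500)])
    return db
```
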
Well, it was clear enough that I understood you =)
This redirecting back-and-forth way seems to be how people have settled on doing SSO. I've always preferred the authenticating reverse proxy, but then again there does not seem to be a good open source solution for it. I really should do something about that some day...