Hi, I am developing a series of sites with similar themes. As such I would like to give the user access to all of the sites once they have registered with any one of the sites. What are the pitfalls and best practices for this in Rails. Thank you in advance. Mitch -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
I would suggest exploring openID implementation. regards, Jaymin On Wed, Feb 9, 2011 at 2:59 PM, Mitchell Gould <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Hi, > I am developing a series of sites with similar themes. As such I would > like to give the user access to all of the sites once they have > registered with any one of the sites. > > What are the pitfalls and best practices for this in Rails. > > > Thank you in advance. > > Mitch > > -- > Posted via http://www.ruby-forum.com/. > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Jaymin Shah wrote in post #980516:> I would suggest exploring openID implementation. > > regards, > JayminThanks Jaymin I will check it out now. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
There are a couple ways you can go. If you''re in a corporate environment (as I was when I last did something like this), you may want to integrate with an LDAP server of some kind (in my case it was ActiveDirectory 2008). You''d then authenticate your users through that LDAP server across all the sites you''re running. You can even set this kind of configuration up outside of a corporate environment - having your own LDAP server (Open LDAP is a damn sight cheaper than ActiveDirectory though!). Just make sure that if you do it this way, you set up your LDAP server to be inaccessible from the outside world as a security precaution. Another possible route, similar to what Jaymin mentioned above, would be using something like the Omniauth gem to allow users to authenticate with their Google, Twitter, Facebook <whatever else> accounts. Ryan Bates over at railscasts.com has several great screencasts on omniauth, and I strongly encourage you to check them out! If you really (and I mean reeeeeeeaaaaaaly) want to roll your own, you could. You could set up a RESTful service that would communicate with your three apps and allow them to authenticate a user or not. I''d recommend against rolling your own simply because when you do that, you run the risk of overlooking a few details that could open your app up to various hacks (think weak encryption ciphers, broken session handling, etc.), and the open source projects already out there have had a lot more eyes look at their code to make sure it doesn''t have any gaping holes in it than anything you could roll on your own without open sourcing it and lots of scrutiny. Besides, why do the work when you can have somebody else do it? :-) There are a lot of different ways to go about it, but those are a few options for you to take a look at! Good luck! On Feb 9, 3:26 am, Mitchell Gould <li...-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Jaymin Shah wrote in post #980516: > > > I would suggest exploring openID implementation. > > > regards, > > Jaymin > > Thanks Jaymin I will check it out now. > > -- > Posted viahttp://www.ruby-forum.com/.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On 9 February 2011 09:29, Mitchell Gould <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Hi, > I am developing a series of sites with similar themes. As such I would > like to give the user access to all of the sites once they have > registered with any one of the sites. > > What are the pitfalls and best practices for this in Rails.We do it using OpenLDAP, a cas server and rubycas-client. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
I''d suggest creating an OAuth provider application for your SSO needs and then have each app for the SSO be a consumer: http://www.railsatwork.com/2010/10/implementing-oauth-provider-part-1.html It''s how 37signals handles SSO across their products and I think it works out pretty well. -Patrick Robertson On Wed, Feb 9, 2011 at 6:14 AM, Mauro <mrsanna1-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On 9 February 2011 09:29, Mitchell Gould <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: > > Hi, > > I am developing a series of sites with similar themes. As such I would > > like to give the user access to all of the sites once they have > > registered with any one of the sites. > > > > What are the pitfalls and best practices for this in Rails. > > We do it using OpenLDAP, a cas server and rubycas-client. > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
we used http://code.google.com/p/rubycas-server/ excellent stuff if you dont want to mess(not really much work) with OpenID or similar .. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Loginbuilder.com offers Single Sign On (SSO) service for multiple website owners. Make use of this service to give your users share one login to use all your websites. User details maintenance is made easier here. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/bL3uSeefM9UJ. For more options, visit https://groups.google.com/groups/opt_out.
On Monday, 1 October 2012 05:42:13 UTC-4, thansika malar wrote:> > Loginbuilder.com offers Single Sign On (SSO) service for multiple website > owners. Make use of this service to give your users share one login to use > all your websites. User details maintenance is made easier here. >Next time you want to spam old threads with ads for your login service, at least check to see if the list focuses on the same technology as your service (PHP). --Matt Jones -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/fbBmZbZxtGwJ. For more options, visit https://groups.google.com/groups/opt_out.