[wp-hackers] Single sign-on with Wordpress & Mediawiki

Callum Macdonald lists.automattic.com at callum-macdonald.com
Wed Oct 31 19:33:20 GMT 2007

Travis Snoozy wrote:
> My prototype does that, but *without* being tied to OpenID -- a
> separate cookie gets set (tied to PHP session ID, so the client
> contains NO sensitive information, regardless of what's stored), and
> that is used for the basis of login. You could use a MySQL DB, flatfile,
> Passport, OpenID, or whatever other authentication means you like (even,
> potentially, allowing login through any of OpenID -or- Passport -or- a
> local DB...). Solving the SSO integration problem generically means
> that everybody wins -- not just sites that chose to use OpenID.
Sounds like an interesting approach.

How does the client application (say WordPress) determine if the user is 
logged in from their cookie? Is it via a PHP session? If it is, I'm 
guessing the applications would need to be on the same server to share 
PHP sessions.

I'd be interested to see the code.

Cheers - Callum.

More information about the wp-hackers mailing list