Distributed Authentication is a cool feature which is offered by the Drupal content management system.
It is not currently offered in Tiki (as of version 1.7)

Al Brown first submitted a RFE in November 2002

Many people like this feature and we would like to implement in the future. No fixed roadmap at the moment.



Competition and standards

CVS Doc section


email discussion between Marc Laporte and Moshe Weitzman (reproduced with permission)

From: Moshe Weitzman
Sent: June 4, 2003 11:00 AM
To: Marc Laporte
CC: Dries Buytaert
Subject: Re: Questions about Distributed Authentication from Tikiwiki

ML> <snip> I understand you "authored much of the Distributed Authentication
system" <snip> Al Brown, a member of the Tiki community has requested
Distributed Authentication in November. <snip> At OSCOM3, I met Scott Johnson.
He had only positive things to say about DA & Drupal and recommended that I
write to your team. I find this concept and its implementation very interesting. I
think it's a great (simple yet efficient) step towards the elusive Single Sign On
promise. If DA use was more prevalent and more modules were available, admins
could implement SSO without the need for LDAP. <snip>

MW> Hi Marc. Glad you are interested in our software. I'm pretty interested 
in yours :)

ML> 1- Which other projects use the same system?

MW> None that I know of.

ML> 2- Do you see it evolving into a "standard" among CMSs

MW> Yes, I'd like to see that. Lets be clear about what would be in the Standard.
My vision is that we develop a Standard for an authentication module. So a
blogger.module would work in all DA implementations. There are some details to
work out, but that is the vision.

MW> DA is basically 2 things. It is a philosophy and it is some code. The
philosophy part is that the site owner 'trusts' the authentication systems of some
external sites. For example, if Yahoo certifies that  agiven user is joe@yahoo.com,
then my Drupal install is happy to let him have an account with that name. He
may always login to that account by authenticating at Yahoo instead of locally.

MW> The code part of DA is small. In Drupal, it is a sequence which goes like this:

- try the local Drupal database for authentication using the supplied
- if above fails, call each active authentication module in series, supplying a
username and password
- if any auth module returns TRUE, then login the user as 
<username>@<externalserver> and note the auth module which returned TRUE

And about code & licensing:

ML> 3- Can Tiki use some of your code to implement DA?

MW> I would think that the authentication modules located in our Contrib
repository hold some fragments which will be useful to other DA systems. As for
licenses, Drupal is GPL whereas TW is LGPL. I think that means that we can use
your code but you can't use ours. I'm no expert on this though.. I have copied
Dries Buytaert on this email. Perhaps he can speak to this topic.

Page last modified on Saturday 18 October 2003 09:32:47 GMT-0000