[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Use-case: SSO integration of PHP and Perl applications


After we are able to compile ZXID on my development platform,
I would like to give some background of my intended use case 
for the Perl module Net::SAML and ask for advice, whether or not this is possible at all.

I have two web-applications:
- Drupal [1], a content-management system written in PHP. It will be uses together 
with a module called Tripal [2] to serve genomic data.
- GBrowse2 [3], a genome browser written in Perl that will visualize the same genomic 
Both applications can run on the same web-server and must use the same PostgreSQL backend.

Both applications support external authentication-modules, and I intend to implement 
single-sign-on between both, based on federated authentication from an external Identity Provider 
(e.g. feide.no or our in house system using WStrust).
Such that all users who want to use both apps only have to log once, and when they come to the 
other application, they are already logged in, and have identical credentials in both.

Using  simpleSAMLphp[4] and its Drupal binding, I have somewhat solved the problem for the
PHP side. simpleSAMLphp is currently configured as a Service Provider, but could also be configured
as  an IdP if necessary. 

Now I was hoping to be able to connect to simpleSAMLphp via Net::SAML somehow, but I have now 
gotten the impression that this was misguided and that SSO cannot be implemented that way between
a PHP and a Perl application.
Am I right?

[1] http://drupal.org/
[2] http://gmod.org/wiki/Tripal
[3] http://gmod.org/wiki/GBrowse
[4] http://simplesamlphp.org/

I'd be greatful for any input.

Michael Dondrup
Postdoctoral researcher
The Sea Lice Research Centre
Department of Informatics
University of Bergen
Thormxhlensgate 55, N-5008 Bergen,