Looking for some ideas on the right solution here. We are building several Drupal sites with a common user audience. These users also will be accessing Moodle content via hyperlinks from Drupal (i.e. we are not directly integrating Drupal and Moodle).
Looking for a centralized authentication server implementation that can:
- protect both Drupal and Moodle sites
- support true single sign-on (i.e. no re-prompting for credentials when users go from one Drupal site to another, or from Drupal to Moodle, or from Moodle to Drupal
- use LDAP (against MS Active Directory) as a primary authentication source, but also be able to work with a legacy system (i.e. we would regularly export usernames/passwords out of legacy system and presumably import them somewhere else where the auth server could see
pubcookie seems the closest to what I'm looking for, but does not appear to support multiple authentication sources (or 'verifiers' in pubcookie parlance).
Other systems like CAS, Shibboleth, OpenSSO, etc seem like they might fit the need but also seem quite a bit more complex to setup then would be ideal :-)