Forum OpenACS Q&A: Consortium Opportunity: Gatekeeper and Single Sign-on

Hi all,

Several different parties are doing or planning new work related to Gatekeeper and to using OpenACS sites as central login points. I'm posting here to start public discussion of coordinating this work, possibly leading to a consortium to pool funding to get the most new functionality in OpenACS. Here are the current projects I'm aware of - if you are doing related work and would like to participate or coordinate, please post!

  • California Charter Schools Association is building a single-signon OpenACS site. The way it will work is, users log into an OpenACS site and can then connect directly to one or more third-party sites without logging in again. Behind the scenes, we will store users third-party passwords in a "wallet" on the OpenACS site and negotiate authentication automatically.
  • Mannheim University has done work on Squirrelmail integration and would like to see additional improvements to gatekeeper.
  • Dirk Gomez has done custom work for a client integrating an static Apache site: only users logged in to the OpenACS site can access an Apache site on another machine.
  • I believe some work has gone into making an OpenACS site serve as an authentication server as well as a client - that work could dovetail nicely by making OpenACS sites good "authentication glue" for other sites.
  • Next steps will include: defining specific functions that are useful to one or more parties; setting aside a bug-fixing and i18n reserve; identifying acs-core changes if any; setting up a blog and other resources for ongoing coordination; scheduling.


Are there any notices about these projects? Are there people from Mannhein or other places coordinating particularly squirrelmail integration?

Posted by Andrew Piskorski on
If you care about login integration with Squirrelmail (which is written in PHP), then these threads on Tcl/PHP integration for AOLserver and OpenACS are relevent: one, two, three.