Lee Daniel Crocker <lee <at> piclab.com> writes:
Drupal has a distributed authentication system (http://drupal.org/node/312)...
If we did do something like this, we would probably use a standard like LDAP or ACAP rather than a home-grown one.
I have implemented an LDAP authentication patch. It allows authentication from multiple domains, as well as the local mysql database (it even allows the user to choose which to authenticate against).
http://meta.wikimedia.org/wiki/LDAP_Authentication
At the current time it will authenticate, and store some user information in an LDAP database. I plan on making an LDAP schema for user attributes so that all user preferences and such can be stored in LDAP. With user preferences stored in LDAP, not only will users be able to authenticate from a central location to all supported wikis, but their preferences would also roam from wiki to wiki.
Currently unsupported is "mail me a new password", unless the wiki allows authentication through the local database, and even then the user would not be able to change his LDAP password (you have to remember your old password to change it). Hopefully, this feature will be added soon.
I do believe this would be a good option for a technical Single Sign On solution, but thats just my opinion.
Ryan Lane NAVOCEANO