Encouraged by a comment on my post about the OpenSSO module for Drupal, and the amount of OpenSSO/Drupal buzz on Twitter, I decided to attack WordPress next. Although WordPress has a very different plugin model from Drupal, I was able to reuse much of the code from the Drupal module and get a basic single sign-on plugin working quite quickly. As with the Drupal module, there are certainly bugs in the WordPress plugin – in particular, I just noticed that, if you log in to OpenSSO as a user without a corresponding WordPress account, you can get into a redirect loop if you try to go to a protected page at WordPress. :-/
So… That’s two thirds of the Drupal/Joomla/Wordpress CMS trifecta covered… A competent Joomla hacker should be able to take the Drupal/WordPress work and adapt it pretty easily… Anyone want to try while I’m at Catalyst this week?