thoughts on single sign-on portal?

Good morning,

I'm hoping to solicit some conceptual ideas on some approaches on how
I can tackle this problem.

The situation:

Over the last 6 months I have built a healthy PHP enterprise framework
on my customers intranet to support the various custom applications
they needed in each department. The framework works with Zend
Framework, and I am quite happy with it. Basically, it provides
services to the modules (application) I install within it and easily
allows data integration between legacy and new applications. Until
recently, all modules/applications I have added are custom developed,
which allows for single sign-on for the users, a central place for
user and application/module administration such as role-based access
controls (which provides an abstraction between the application and
Active Directory), and other services that provide convenience to both
the customer and the developer (code reuse a major issue).

Now, the problem:

The customers are needing solutions that can be solved using open
source COTS products, such as a blog (wordpress), wiki (mediawiki),
etc. Essentially, the scope of the framework is evolving from a
modular framework to house custom applications into one that also
integrates COTS applications. Many of the COTS application I've
looked at can fit in well and I simply need to create a portal to the
application at the desired MVC namespaces. The problem I'm having is
when integrating the COTS solution, I do not want to make any changes
to the application itself (to ease upgrades and maintenance later
on). With this requirement in mind, I want to be able to make the
integration between the COTS application and my framework seamless (my
framework still handles the authentication and authorization and can
work with the COTS API, but not break it.

My thoughts on the solution:

Without changing the COTS core code, I feel I'm kinda limited.

Perhaps I can create an application environment class and stage the
environment to what each application needs when accessed. For
example, set the expected session variables that would be there for an
authenticated session. This doesn't smell right to me and could get
very complex with applications with complicated access controls.

What are some other ways I may be able to achieve this?
.

Relevant Pages

  • Re: Resolution - WSS - Unable to add WP to pages after.NET 2.0 upgrade
    ... in one way or the other, with Frontpage 2003 or any of the custom ... site prior to moving to the .NET Framework 2.0. ... > Invalid postback or callback argument. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Competition is not ALWAYS good
    ... you see web framework as a must-use product. ... their applications in bare PHP -- and be quite successful with this. ... SB> is a religion then yes I am religious. ... so for people who actually want application up and running portability has ...
    (comp.lang.lisp)
  • Re: .Net Framework 2.0
    ... We just found in our same legacy application (because focus is currently on ... When the Framework went from 1.0 to 1.1 in this ... and implement wrappers for our .Net components that create custom App ... have the problem that when our applications run under 3rd party vendor host ...
    (microsoft.public.dotnet.framework.clr)
  • Re: Is C# suitable for low-level embedded
    ... I believe that you can do everything that you want with the compact ... framework (you might have to do some custom stuff if you want to speed up ... Framework that runs on embedded devices. ... Any book recommendations - I can't seem to find a ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Military Computers embedded
    ... is the problem of obscelescence that arises with COTS. ... >custom system is designed for the military, ... If some old military system used a card full of TTL chips to implement ... controller would do to read the multiplier and multiplicand from input ...
    (comp.arch.embedded)