Login shared between subdomains

Question

If I should allow users to log in using the same username/password, what should I consider when choosing between the following solutions?

• Install, and use Bakery Single Sign-On System on the main site, and all the subdomains.
• Share the database table containing the user data.

Answer 1

Bakery decouples the multisites — if you're sharing a table, you must use exactly the same Drupal version on all sites in the multisite configuration, and update them in lockstep. With Bakery, the Master and Slaves can be running different Drupal versions. Additionally, any modules that modify the users table on the Master site would need to be applied to the Slave sites with corresponding settings.

Bakery improves scalability — user accounts are not created on slave sites until they are needed, conserving server computational and data storage resources.

Bakery synchronizes sessions — for example, if the user logs out of one Bakery site, the user will be logged out of all Bakery sites in that group. (To achieve equivalent behavior with shared tables, you'd also need to share the sessions table, which would further complicate maintenance.)

Answer 2

If your only concern is sharing username and password you might want to consider OpenID, especially since support is in Drupal core.

If that doesn't seem like something your users could manage then I'd consider the Janrain module it would allow your users to sign in with a whole host of accounts they probably already have, like Facebook, Twitter and Google.

It's worth pointing out that this is the method used by StackExchange.