What about CAS?
CAS is definitely another option. The best choice for you will depend
on your development needs. CAS was designed to enable single sign-on
(SSO) across an enterprise. On the other hand, this plugin was
designed to allow a WordPress blog to transparently appear to be part
of a Rails app. So there's a lot of overlap, and a few differences.
CAS has a couple of benefits over the plugin:
- It enables single sign-on between web apps running on different
machines, whereas this plugin requires WordPress to be on the same
webserver and have read access to Rails' session cookie.
- CAS is a standardized protocol, and is probably implemented by a wide
variety of enterprise software.
And this plugin has a couple of advantages over CAS:
- It supports OpenID as the back-end authorization --- that's how I
use it, and you can see this in the screenshots. This plugin is
completely 'agnostic' as to how the real authentication is performed
by the Rails app, whereas CAS is generally tied to the
'username/password' concept. CAS can theoretically be used with OpenID
as the back end, but this is either 'on hold' (Ruby CAS server), or
appears fairly complex to configure (ja-sig CAS server).
- This plugin plus its corresponding Rails app seems to be easier to
configure than a CAS client/server pair: On the Rails side, one
controller needs to be dropped into the app, and a few constants set.
CAS requires more configuration, plus another server to be running.