Authentication is often a scary topic to broach. Many believe it to be a topic of interest only to security professionals in large enterprise organizations or complex university systems. However, the case can be made that everyone can benefit from a better understanding of authentication, what it can do for you, and how best to leverage it.

Many site builders leverage the basic authentication available with Core Drupal, we might even be tempted to assume that the vast majority do and sometimes this approach is enough with nothing more needed. However, other times more complex approaches are necessary to provide extra features, improve control over the both the process of identifying a user correctly and determining what privileges they should possess.

This leads to our two-fold goal: to list and describe some common forms of authentication used with Drupal starting with the out of the box use case; and to describe some steps to follow so that you might choose one which might work best for you. Additionally, we will reference some anecdotal experience with challenges surrounding authentication in a High Availability environment.

A list of topics that we hope to touch upon: SimpleSAMLphp, Shibboleth, LDAP, Basic Authentication, SAML, Authorization vs Authentication, and support challenges.

The intended audience is people who are in charge of building or administering user access in a Drupal site. It is not a code-focused session, however it is applicable to coders and non-coders alike who are mystified by authentication and want a better understanding of authentication technologies. It should be noted that SimpleSAMLphp and Shibboleth are both open source projects in wide adoption with strong communities and are interoperable with a variety of other open source applications.