How best to bridge the users across two different systems (SSO)

I’m in the early stages of planning a web site / application which will feature user authorisation. The main site will be built using Laravel 4 (although for the purposes of this question, the technology used shouldn’t matter too much), and will be the authority on all things auth-related (signing up, logging in and out, etc…)

In addition to the main site, I would like to have a community forum - I could just build one myself using Laravel, but I would rather use a third-party one to save me the time and effort needed to build such functionality.

I’ve been doing some research into my options, and right now the choice of forum to use is between esoTalk and IPB - please note, however, that at this point, this isn’t a question of which forum solution to use (they both have their own pros and cons) but rather, the best method to use to bridge the users of the main site with that of the forum, meaning users only need to sign-up/login once.

So far as I’ve been able to work out, there appear to be three different approaches I can take, so I’m looking for some feedback on which method you think is the best.


I’ve called this ‘reactive’, because it is - as suggested by the IPB SSO documentation, upon visiting the forum, this method will check for authentication on the main site, and if that passes, will then check to see if a forum user exists for whomever has just logged in, and if they don’t, one gets created.

It would seem to me that the biggest issue with this approach is that of trying to ensure that everything keeps in sync with the main site, i.e. if a user joins the main site, but doesn’t visit the forum, they won’t appear on the forum’s members list, etc…

Proactive Sync

This, leading from where we left off on the reactive method, involves leaving nothing to chance, and upon the creation a user on the main site, said user also gets created on the forum. This will mean the two should remain in sync (members list, et al). but also means that I’ll have to be extra careful within the main site to duplicate any changes that might happen (username change, for example) also happens on the community.

Proactive Table View

The third method involves a tiny bit of cheating, and instead of trying to keep the two user’s tables in sync via the software, make them literally the same, with whatever info that is required by the forum be provided from the main site via the use of a database view. This means I don’t need to do anything extra when creating/updating users (as long as I collect the minimum needed for the users table), as the info needed by the forum will simply exist.

What do you think?

I’m sorry for the long post, and I hope you understand what I’m talking about - so what do you think is the best approach?