I'm working on migrating an old phpbb3.0.9 install and looking at the best option for single signon using native authentication or a custom auth mod. I do not want to use and become reliant upon a bridge that will inevitably not be supported by one of the two sides of the software. My intent is to have phpbb 3.2.2 authenticate against a Drupal system, but do it in such a way that neither system really knows or cares about the other. (I don't care if people have to login to both individually, they're on two different domains anyway)
I'm not sure if ldap or oAuth makes more sense here.
Ideally I'd make all new registrations, password changes, etc. go to the front door of Drupal to make a new account so that the backend is populated with an account, but day to day logins could be directly into phpBB itself.
Has anyone done this and have any best practices or guidance on the better way to do it?