@mksd: Thanks for your comments, let me see if more details help-
On the Liquibase, the first issue is that in it’s current form, the OpenMRS server doesn’t actually know how many tenants it has; I’m sure that issue could be solved, but if this goes into production, you could have 100 to 300 tenants running on one server. Each time the tomcat server is started up it would try and run the Liquibase changesets on each database would cause the server to take forever to startup. Let me be clear that while I don’t think 300 clinics are going to be using it at once, you would have people sign up to try it out, add a few patients, then maybe leave it for a while (maybe to come back and use it later, maybe not).
On the activators, yes, they are importing metadata which inserts SQL data, which would have to be run against all the databases increasing start time again.
So I didn’t explicitly say it in my post, but another thing I would like to improve is OpenMRS startup time, long term I would like to have it run on AWS Elastic Beanstalk with the file system data stored on a networked Elastic File System (EFS). If the startup time can be greatly reduced then it makes it easy to add in load balanced servers and turn it into a more of a cloud service and less of a loving maintained (and backed up) server instance.
I agree on the SSO; maybe there is a way to use OpenMRS ID as an SSO provider. Still thinking I would want multiple URLs as a user may have access to multiple organizations (maybe the clinician works in a hospital + outside clinic, both on OpenMRS).
I’m also looking into doing some stuff with SAML to authenticate from one OpenMRS system to another OpenMRS system. I wrote a module, which as part of it’s process exports patient data to another server using CCDA (Telemedicine consultancy service & module). Long term if you look at synchronizing the metadata at the application level through some sort of org-to-org slave/sync process, then you could leave the modules putting the metadata in the “primary” tenant and then having it push down to the other tenants through an authenticated online process.