[geeklog-devel] Request to create new library called lib-account.php
Tony Bibbs
tony at tonybibbs.com
Tue Mar 16 17:57:10 EST 2004
Hi, I have been trying to use Geeklog here at work and the only way I
will be able to do so is if I tie GL into our authentication system here
(which uses SSO). At a 10,000ft view all I want to do is bypass
Geeklog's login feature for our employees and use our system instead.
For customers not using our auth system I want them to use the normal
baked in account management features that Geeklog has. To be clear, all
I want to do is bypass geeklog's login feature in some cases. Here is
the scenario.
One of our workers logs into Geeklog using our auth system. If the
login on our side is good we issue an SSO token to the session cookie
and return that SSO token to Geeklog. When geeklog gets the SSO token,
I validate the token and if it is okay I check to see if the user has an
GL account. If not I create one and them log them in by writing the
necessary Geeklog cookies. If they do have an account I simply login
them in.
Our auth system works the same way that Passport, Project Liberty, etc
does and the only way I could get this to work was to remove all the
functions in public_html/users.php (except for the profile function) and
put them in lib-acccount.php. In this manner I now have access to teh
fucntions I need access to without compromising the way users.php
expects to work.
I'd like to recommend this minor change be put into Geeklog. I have
attached the lib-account.php and a hacked version of users.php. My
version of users.php still has all the old function stubs that call the
ACCT_<fn_name> equivalents in lib-account and I realize that the final
version would have to change. Of more interest would be the login.php
form I created that handles all this crap. Again, it is a hack but it
works. Note there is a library included at teh top you don't have
access to but you shoudl get the jist of what I needed. If we can agree
on this, I will submit a new, polished version of users.php along with
my lib-account.php to CVS but before I did so I wanted to open a dialog.
--Tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040316/e65371a2/attachment.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040316/e65371a2/attachment-0001.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040316/e65371a2/attachment-0002.html>
More information about the geeklog-devel
mailing list