[geeklog-devel] Request to create new library called lib-account.php

Tue Mar 16 17:57:10 EST 2004

Hi, I have been trying to use Geeklog here at work and the only way I 
will be able to do so is if I tie GL into our authentication system here 
(which uses SSO).  At a 10,000ft view all I want to do is bypass 
Geeklog's login feature for our employees and use our system instead. 
For customers not using our auth system I want them to use the normal 
baked in account management features that Geeklog has.  To be clear, all 
I want to do is bypass geeklog's login feature in some cases.  Here is 
the scenario.

One of our workers logs into Geeklog using our auth system.  If the 
login on our side is good we issue an SSO token to the session cookie 
and return that SSO token to Geeklog.  When geeklog gets the SSO token, 
I validate the token and if it is okay I check to see if the user has an 
GL account.  If not I create one and them log them in by writing the 
necessary Geeklog cookies.  If they do have an account I simply login 
them in.

Our auth system works the same way that Passport, Project Liberty, etc 
does and the only way I could get this to work was to remove all the 
functions in public_html/users.php (except for the profile function) and 
put them in lib-acccount.php.  In this manner I now have access to teh 
fucntions I need access to without compromising the way users.php 
expects to work.

I'd like to recommend this minor change be put into Geeklog.  I have 
attached the lib-account.php and a hacked version of users.php.  My 
version of users.php still has all the old function stubs that call the 
ACCT_<fn_name> equivalents in lib-account and I realize that the final 
version would have to change.  Of more interest would be the login.php 
form I created that handles all this crap.  Again, it is a hack but it 
works.  Note there is a library included at teh top you don't have 
access to but you shoudl get the jist of what I needed.  If we can agree 
on this, I will submit a new, polished version of users.php along with 
my lib-account.php to CVS but before I did so I wanted to open a dialog.

--Tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040316/e65371a2/attachment.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040316/e65371a2/attachment-0001.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20040316/e65371a2/attachment-0002.html>