[geeklog-devtalk] Adding a couple plugin functions

Tony Bibbs tony at tonybibbs.com
Thu Jul 1 11:20:29 EDT 2004

Previous message: [geeklog-devtalk] Adding a couple plugin functions
Next message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #340 - 1 msg
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Well, more to your point, I don't see why you still can't do what you
are asking. I'd add this as a feature request to project.geeklog.net
since I know you can't do this yourself because of your unique work
situation.

--Tony

Turias wrote:

> Thanks for the reply, Tony.

>

> Hmm, that seems much more complicated than what I was going for, yet

> it looks like it would be quite a nice addition to the Geeklog core.

> I'm still not convinced, though, that your solution and my solution

> are mutually exclusive. My proposed change wouldn't only be used for

> Single Sign-On, as integrated Geeklog plugins that do not have

> anything to do with SSO could use it to set cookies and perform

> login/logout tasks, too. Plus, it would only require adding 2 lines

> to users.php. :)

>

> - Turias

>

>

>

> On Jun 30, 2004, at 2:52 PM, Tony Bibbs wrote:

>

>> What you want is Single Sign-On. There are a few things I'd

>> recommend before we got to the point of discussing plugin API changes.

>>

>> 1) Geeklog 1.3.x's core should modularize the login. Doing so would

>> encourage others to write authenticators against things like LDAP,

>> AD, etc. By making it modular, you could also add some custom

>> handling there.

>> 2) SSO is a complicated security topic. Most for-profit

>> implementations use Kerberos tickets, others such as what I plan to

>> do with Auth_Enterprise, will issue their own SSO token that can be

>> used by federated applications (i.e. applications that trust one

>> another) to authenticate a user.

>> 3) As I eluded to above, SSO support is something I plan to get into

>> Auth_Enterprise (see

>> http://www.tonybibbs.com/index.php?topic=auth_ent). I won't have

>> time to get to SSO anytime in the next couple of weeks but if you are

>> interested in tacking a crack at it I can point you in the right

>> direction. It has been my intention that after I get Auth_Enterprise

>> to a stable state I would hack options support for it into 1.3.x

>> (which would require me or someone to take care of item #1 above).

>>

>> This probably does itch your short-term scratch but I wanted to offer

>> up some of my thoughts and give you a chance to help with the longer

>> term vision if you have the time.

>>

>> --Tony

>>

>> Turias wrote:

>>

>>> It just doesn't seem possible to accomplish what I need to do using

>>> the current Geeklog plugin architecture.

>>>

>>> Basically, my plugin needs to set login-related cookies for use by

>>> applications other than the main Geeklog install. For example, I

>>> have considered using this to write a plugin that allows you to do

>>> the following:

>>>

>>> 1) The user logs into a Geeklog instance A

>>> 2) On login, the plugin sets login cookies for Geeklog instances B

>>> and C

>>> 3) Now the user can visit all three Geeklog instances seamlessly

>>> without logging in three separate times.

>>>

>>> Of course, this would only work if all Geeklog instances are located

>>> on the same domain and would preferably require some extra user

>>> profile synchronizations. Theoretically, this functionality could

>>> also be used to bridge access to third party apps with minimum work.

>>>

>>> Unfortunately, there currently isn't any way for a plugin to do

>>> this. I could probably hack something together in the user.php and

>>> lib-common.php files, but this doesn't seem like a good way to

>>> distribute plugins. Having plugin functions called on login and

>>> logout could be quite powerful for plugin developers.

>>>

>>> Please let me know if you think there is a better way to do this.

>>> It seems to me, though, that this would be the cleanest way of going

>>> about things.

>>>

>>> Thanks,

>>> Turias

>>>

>>>

>>>

>>> On Jun 29, 2004, at 1:13 PM, Tony Bibbs wrote:

>>>

>>>> <snip>

>>>> I recently began working on a plugin that needs to set and delete

>>>> cookies when the user logs in and out of GeekLog. Unfortunately,

>>>> this does not seem possible with the current GL code.

>>>> </snip>

>>>>

>>>> Why doesn't it work exactly?

>>>>

>>>> --Tony

>>>>

>>>> Turias wrote:

>>>>

>>>>> No one has anything to say about this?

>>>>>

>>>>> - Turias

>>>>>

>>>>>

>>>>> On Jun 25, 2004, at 7:48 PM, Turias wrote:

>>>>>

>>>>>> Hey everyone,

>>>>>>

>>>>>> I recently began working on a plugin that needs to set and delete

>>>>>> cookies when the user logs in and out of GeekLog. Unfortunately,

>>>>>> this does not seem possible with the current GL code. I would

>>>>>> like to propose the following be added to the core:

>>>>>>

>>>>>> 1) The addition of the following plugin functions:

>>>>>>

>>>>>> plugin_login_<plugin name>

>>>>>>

>>>>>> and

>>>>>>

>>>>>> plugin_logout_<plugin name>

>>>>>>

>>>>>> These functions would return nothing.

>>>>>>

>>>>>>

>>>>>> 2) A modification to users.php which would call the

>>>>>> aforementioned functions when a user logs in or out of the system.

>>>>>>

>>>>>>

>>>>>> I could code this up, as it would be pretty easy to do. What

>>>>>> does everyone think? Do people see any utility in this?

>>>>>>

>>>>>> - Turias

>>>>>>

>>>>>> _______________________________________________

>>>>>> geeklog-devtalk mailing list

>>>>>> geeklog-devtalk at lists.geeklog.net

>>>>>> http://lists.geeklog.net/listinfo/geeklog-devtalk

>>>>>

>>>>>

>>>>>

>>>>>

>>>>> _______________________________________________

>>>>> geeklog-devtalk mailing list

>>>>> geeklog-devtalk at lists.geeklog.net

>>>>> http://lists.geeklog.net/listinfo/geeklog-devtalk

>>>>

>>>>

>>>>

>>>> _______________________________________________

>>>> geeklog-devtalk mailing list

>>>> geeklog-devtalk at lists.geeklog.net

>>>> http://lists.geeklog.net/listinfo/geeklog-devtalk

>>>

>>>

>>>

>>> _______________________________________________

>>> geeklog-devtalk mailing list

>>> geeklog-devtalk at lists.geeklog.net

>>> http://lists.geeklog.net/listinfo/geeklog-devtalk

>>

>>

>> _______________________________________________

>> geeklog-devtalk mailing list

>> geeklog-devtalk at lists.geeklog.net

>> http://lists.geeklog.net/listinfo/geeklog-devtalk

>

>

> _______________________________________________

> geeklog-devtalk mailing list

> geeklog-devtalk at lists.geeklog.net

> http://lists.geeklog.net/listinfo/geeklog-devtalk

Previous message: [geeklog-devtalk] Adding a couple plugin functions
Next message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #340 - 1 msg
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devtalk mailing list