vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=252)
-   -   Single Signon, how? (https://vborg.vbsupport.ru/showthread.php?t=250578)

Trek 09-15-2010 09:19 PM
Single Signon, how?
 
I've done several forum searches here as well as the web in general and haven't really found anything that has answered the question. Several threads about people doing it, but not how they did it.

In short, I have two systems. When someone logs into the "other" system, I want them to seamlessly (ie, behind the scenes) be logged into vB as well.

Ideally I would have a function that I could call that I would pass the Username and password the user has entered (from the other system) into it, have this function authenticate whether it's a good match or not. If it's a good match, it should log the person into vB and return a true value, if it fails, it should return either just false or an error message.

Any help on this would be very much appreciated, thanks!

--------------- Added [DATE]1284609922[/DATE] at [TIME]1284609922[/TIME] ---------------

Ok, I'm getting closer, could use help though! =)

Using the below code in any PHP file, replace the DOMAIN, USERNAME and PASSWORD areas with appropriate info.

When you run it, it says "Thank you USERNAME for logging in." and all looks well. However, you aren't actually logged in. Seems as though it just passes the general verification, but doesn't do any of the session variables and/or cookies.

That's where I need the help, any idea what next?

Code:
<?
    $forum_root = "http://www.DOMAIN.com/";
    $login_page_url = $forum_root."login.php?do=login";
    $postfields["vb_login_username"] = "USERNAME";
    $postfields["vb_login_password"] = "PASSWORD";

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $login_page_url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 100);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    $postfields["s"] = "";
    $postfields["SECURITYTOKEN"] = "guest";
    $postfields["do"] = "login";
    //$postfields["vb_login_md5password"] = "";
    //$postfields["vb_login_md5password_utf"] = "";

    ?>
    <script type="text/javascript" src="<? echo $forum_root; ?>clientscript/vbulletin_md5.js?v=406"></script>
    <SCRIPT LANGUAGE="JavaScript" TYPE="TEXT/JAVASCRIPT">
    <!--
        md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)
    //-->
    </SCRIPT>

    <?
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
    $cdata = curl_exec($ch);
    curl_close($ch);
   
    echo "<hr>$cdata<hr>";
   

?>
--------------- Added [DATE]1284666786[/DATE] at [TIME]1284666786[/TIME] ---------------

No one? Not even a nudge in the right direction?

Trek 09-18-2010 12:00 AM
Nevermind, I got it figure out.

Code:
<?
require_once('./global.php');
require("includes/functions_login.php");

// Returns true/false
    $res = verify_authentication("USERNAME", "PASSWORD", md5("PASSWORD"), md5("PASSWORD"), true, true);

exit();
?>
Not 100% sure about the second MD5 password field as it's supposed to be UTF(8?) or something. Anyway, all I know is, it worked for me this way. Hope it helps someone else out.

Matt L 09-21-2010 01:45 PM
I'm trying to the exact same thing. How did you get it to work exactly?

Trek 09-21-2010 05:42 PM
Quote:
Originally Posted by Matt L (Post 2101420)
I'm trying to the exact same thing. How did you get it to work exactly?
Well, the above code I posted works, however, the problem comes into play when vB isn't loaded at all. So you're coming from a completely clean browser cache/session cache.

In which case, as soon as you include these files, vB takes over and loads it's own pages, etc. I tried a few things to silently do the login, but all have failed so far. So... the above isn't really a good solution in that case. At this point, I haven't really solved it.

I've moved on to data synchronization between our systems as that is the more important issue for us and will revisit the single signon after that is complete.

Sorry I don't have a better answer for you, but... that's all I've got. If you find a way to do it, please reply back in this thread for myself and anyone else looking for the answer.


All times are GMT. The time now is 09:57 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01087 seconds
  • Memory Usage 1,725KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_code_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete