Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 05-26-2009, 07:36 PM
Lunikon Lunikon is offline
 
Join Date: May 2009
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Building CAS authentication plugin: How to let vB know about authenticated user?

Hi everybody,

I'm currently attempting to build a CAS authentication plugin from scratch. For those who've never heard of CAS, a short introduction: CAS stands for Central Authentication Service and is a protocol for Single-Sign-On. If a user tries to access a page that requires authentication, he's redirected to the CAS server were he logs in. Afterwards he's sent back to the original page he wanted to visit, carrying along a ticket granted by CAS. The client (the page he wants to visit) checks with the CAS server whether the ticket is valid and if so, the server returns at least a user name of the logged in user.

My plugin handles this part already (all using phpCAS, http://www.ja-sig.org/wiki/display/CASC/phpCAS): If a page requires authentication, the user can do so with CAS and return to vB. His CAS username is available and I can load the respective user from the database.

My question is how I can tell vB to use the loaded user as the one currently logged in. Note that vB's original login-system is completely bypassed. Whether the user is logged in or not is completely dependent on whether a CAS-username is available.

I put my CAS-specific code in the init_startup-hook before anything else happens. There I tried to either override cookie values (writing the user-id and the password to $vbulletin->GPC for the session-init to use the values) or to init a new session before it is done in init.php. Neither approach was successfull.

Can anybody provide me with the last bit of information? What am I missing?
Reply With Quote
  #2  
Old 07-15-2009, 12:01 PM
xilefen xilefen is offline
 
Join Date: Jul 2009
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi Lunikon,

I have exactly the same problems.
Have you solved your problems?
My casServer is already running and a simple phpCAS example too.
I there a ready solution?

I m very interested in this. I m writing my bachelor about SSO and will make some examples for a comany i work for.

Best regards
Felix
Reply With Quote
  #3  
Old 07-15-2009, 12:28 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There is a LDAP modification available IIRC. You can have a look at that one to see how it can be done (it can be done on many different ways).
Reply With Quote
  #4  
Old 07-15-2009, 02:52 PM
xilefen xilefen is offline
 
Join Date: Jul 2009
Posts: 4
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

waht were the alternatives?

waht is with this thread?

https://vborg.vbsupport.ru/showthread.php?t=168418

I think this three methods are sufficient !!!
# adduser
# login user
# logout user

"This modification is currently quarantined." Is there a reason?


I hope we will find the easiest way.

Thanks for your help
Reply With Quote
  #5  
Old 07-15-2009, 02:58 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I neverr said you should use LDAP, i only suggested you could take a look at that LDAP modification to see how the login is handled.

If a modification is quarantined, then this is most likely done because of vulnerabilities. Seeing this modification was quarantined in January and the author still has not provided a fix, i doubt it will ever happen.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:05 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04575 seconds
  • Memory Usage 2,202KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete