Moodle version 3.2
I have a desktop based application which is integrated with Moodle i.e. it uses users and their credentials created in Moodle.
Correct me if I m wrong. Password in Moodle is salted and then stored in database. And, this encryption is irreversible. So, how do I authenticate the users on my external application?
I assume, I'll have to redirect users to moodle's authentication API and then redirect them back to my application after successful or unsuccessful attempt.
Please help on how to go about it.
Thank you.
Moodle has an entire Authentication API for this purpose. Check this out https://docs.moodle.org/dev/Authentication_API
Related
My actual requirement is i have 2 AWS servers on both server I have added xml file, my requirement is I want to login from our application page using email and password, this credential check in active directory is this user exists if yes it should return to my application with user details like email id, I want to implement this in PHP.
ADFS supports WS-Fed, SAML 2.0 and OpenId Connect so you need a PHP client-side stack for one of these.
ADFS sits on top of AD so it will check the user in AD.
You have to use the ADFS login screen. There is no way to use a custom one.
We have a system (little) and we need to use authentication to login in to the system. And also we have moodle system is running. My question is that, can we use moodle user creditentials to login to our system ?
I am working on one project in Angular and PHP, I want to make login on Azure using ADAL (Azure Active Directory Library).
It is possible to do that without popup login Microsoft something like pass only username and password or client secret and to get the token for future request?
The way Azure authenticates external websites is through OAuth 2.0 which requires the user to login to their account on the Azure servers and then give your website authorization code so that you can request an access token to complete the OAuth flow.
It isn't secure to capture the user's Username and Password on your website and then send through to Azure, therefore they do not let you do that.
More explanation of the oAuth flow: https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code
Our company has a mobile app. Until now we used LDAP authentication using PHP code to login on the app using the company's Active Directory user and password.
Now they tell me we have to stop using LDAP because there has been some security breach.
My question is, is there an equivalent of ldap_bind for Azure AD?
I've been looking for information and the answers I found are too complicated and elaborated.
Would be better to use a Native Azure App to link to our mobile App or is the PHP aproach better?
I don't need to get the Azure AD token and be able to do some operations or anything. I just want to check if user & password are correct and that's it.
Any guidance would be apreciated.
You will need to redirect the user to authenticate e.g. by using the OpenId Connect protocol.
LDAP is not supported in AAD.
The user may have e.g. Multi-Factor Authentication enabled and thus there is no way to surely authenticate programmatically.
So the right way is to register a Native app, and authenticate from your mobile app using ADAL or MSAL.
I am working on a CakePHP application which is part/sub another application that is developed in different technology ( ColdFusion ). Both apps have their own login functionality and they are required. Login functionality in CakePHP is by AUTH and ACL . Now the requirement is that when a user logged in parent app which is developed in ColdFusion user should directly go to protected pages/dashboard without logging in. I want a way to bypass the login functionality provided by Auth.
Thank you,
kiran
I want a way to bypass the login functionality provided by Auth.
You probably don't, you probably want to be able to log the user in automatically, which Auth supports.
You need to have some way for your PHP code to call ColdFusion to authenticate a user based on some shared secret (e.g. the login cookie for the ColdFusion part of the application) and then automatically log the user if they are authenticated.