I have a Moodle(3.0) website and a WordPress blog (3.5.4). I need to implement SSO between these two.
Here is the basic idea why I want to do it:
Some of the courses in Moodle contain external content (load a page with resources in iframe). At the bottom of the iframe page, that is loaded there is a bbPress embedded (Forum plugin for WordPress).
I need the SSO, so when user logs in his moodle account and choose to view certain resource to be able to participate in the forum topic under the resource without the need of login again.
I've read Authenticate Users From Moodle Into WordPress, and tried to configure External database Authentication Method in Moodle, but so far no luck.
I've found an WordPress plugin Edwiser Bridge, but it makes quite the opposite (integrates Moodle within WordPress) - which is of no use to my particular case.
I will much appreciate every help I can get. Thanks
I ended up building an API, which makes the handshake between Moodle and Wordpress.
I've modified the moodle/login/index.php page and wp-login.php to send requests to the API when logging in.
Every time someone logs in either platform a request is being sent to the API. It tries to log the user programmatically and start a session cookie for the user. (if the username and password match in the db).
When user is being registered the user data is stored in both databases (Moodle and Wordpress).
NOTE: This is not exactly SSO, but it solved my problem and its working.
Related
I run a custom-made sales system built in php/javascript. One of my customers have asked me to create a system where users can login to the member area of his Wordpress site via my sales system. I.e. if they are logged in to my system and have the proper rights, they should be able to login to the member area of the Wordpress site via a link in my system.
The member area is common to all members, so there's no need to identify the user by name on the Wordpress site. For simplicity, I thought I would just create a Wordpress user called something like Mr. Member, and have my sales system server login as that user.
But after that I need to "hand over" the session from my sales system server to the client, so that he can communicate with the Wordpress site directly. How can I do this in an easy yet secure way?
My first thought was to install this Wordpress extension https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/ to allow for JWT's in Wordpress. When my sales server receives the token after login, I wanted to hand that token to the client as a cookie to use in his requests to the Wordpress site. But before I start coding this, I just want to make sure if this is a good approach?
I'm trying to create an intranet site where, if possible, all parts of it should be SSO in a way that a user who is logged into his Active Directory account in Windows would immediately be signed on with that same account in all pages of my site through LDAP.
Now the main component of this site is built with a CMS and from there the user should be able to click the links on this site to get to the other tools we're using, like for example the ticket system.
The CMS and the ticket-system software both are able to connect through LDAP themselves but I want a SSO solution for this.
So I searched and found this for the apache server: mod_authnz_sspi
This apparently lets you use $_SERVER['REMOTE_USER'] in PHP to get the windows user signed on right now.
Now I'm stuck since I'm not really sure how to use this to automatically log the user into the sites.
What do I have to do with this to get the SSO solution that I want?
I thought about creating a simple HTML form with the same fields like the one from the ticket-system form I'm trying to log into. I would then try to send the POST-data to the form of the ticket-system and log the user in automatically. For the username I would send $_SERVER['PHP_AUTH_USER'] and for the password $_SERVER['PHP_AUTH_PW']. However, the ticket system is protected with a CSRF-Token which I would have to include into the sent POST-data but can't know in advance since it is generated in the moment of accessing the page.
So it would be really helpful if someone could tell me how to get a SSO working with the mod_authnz_sspi tool (or another).
If there isn't any other way than through using a HTML-form that sends the POST data like I tried, then it would be helpful if someone knew a workaround to the CSRF-Token problem!
You can create an AUTH application that administrate your users (details, permissions, etc.). When an user access other application if it are not logged in redirect it to the AUTH application. AUTH application check user credentials, generate an access_token and redirect user back to the application that try to access. More info you find here https://www.mutuallyhuman.com/blog/choosing-an-sso-strategy-saml-vs-oauth2/
I programmed a Backend for an app. In the Backend is of course the login/registration endpoint.
The problem is that my client had the new idea of synchronizing his Wordpress Blog with the app. And now he wants that when an user registers himself in the App, then he can log in the Wordpress and when an user registers himself in the Wordpress Blog, he can log in the App.
My problem is that I'm not specialized either in Wordpress nor in PHP. I was watching the wp-login.php file, but didn't find a good result.
I'm thinking of using the Backend Endpoint with Wordpress, I can guess that Wordpress could work as a client. Then I could use the same Login-Backend-Function with the App and with Wordpress and it should work.
I was reading this kind of post in Internet, but is not that way, I don't want to register an user in Wordpress from the app, but the other way, I would like to register an user in the App or in Wordpress and log him in the App or Wordpress, but using the Django Endpoints of the Backend.
I did't think that it would be so complicated.
Maybe someone already tried something like that and can say me how I should program it.
I continued searching in Internet and found this post.
Then, I easy changed the do_register_user function of the second page of the post the way I needed.
We have several webapps based in Wordpress and Codeigniter, which are based on different servers but under the same domain (ie: intranet.something.local) and most of them use Active Directory login credentials.
For Wordpress, I'm using a plugin called Active Directory Integration to log in with these credentials and it's working perfectly after configuring openLDAP.
The thing is, our client asked us to have a single log on for every app, meaning that once I'm logged into Wordpress, I should be logged in when I go to another app, that uses the same login user and password.
Is there a possible way to do this? And if so, where should I start?
I believe, that is possible in multiple ways..
Setup Single Sign On in your apps
Use a script which automatically copies User data from a web app,
and then using that information creates user login to the other
apps..Idea is to let user register for one site, and based on that information, register him to other sites automatically
May be, some sort of Database sharing be possible, but that would be
really really a tough job, still Possible (I believe, in Computer
Science, nothing is impossible forever)
create a common cookie file and when user switches the app, use that
cookies to get the user login in between different apps
I want to build a website and install more than one php scripts like wordpress, vbulletin forum, upload center....etc . And I will create a simple php code so I can combine all members database of the scripts installed to be one time registration .
My question is how can make all login for these script to be one time login , if I login one forum it will be directly loginned to upload center & wordpress and others.
i will explain more hope you get my idea: let's say that i have one page name (login.php) this page is for user login, after the user login success the user be automatically loginned to all other scripts installed in the site.
Thank you
I suggest you to use login via Social Networks (the most simple case). Most CMS have plugins to login via Social Networks. If you want support universal login via email/password AND social networks I guess you should write your own Login Service (or find one) and write plugins for those websites which will use that service