We have several webapps based in Wordpress and Codeigniter, which are based on different servers but under the same domain (ie: intranet.something.local) and most of them use Active Directory login credentials.
For Wordpress, I'm using a plugin called Active Directory Integration to log in with these credentials and it's working perfectly after configuring openLDAP.
The thing is, our client asked us to have a single log on for every app, meaning that once I'm logged into Wordpress, I should be logged in when I go to another app, that uses the same login user and password.
Is there a possible way to do this? And if so, where should I start?
I believe, that is possible in multiple ways..
Setup Single Sign On in your apps
Use a script which automatically copies User data from a web app,
and then using that information creates user login to the other
apps..Idea is to let user register for one site, and based on that information, register him to other sites automatically
May be, some sort of Database sharing be possible, but that would be
really really a tough job, still Possible (I believe, in Computer
Science, nothing is impossible forever)
create a common cookie file and when user switches the app, use that
cookies to get the user login in between different apps
Related
I have one WordPress site and an app in codeignitor, App uses its own database to store user and plan details.
Now I want to simplify it like My user can log in to my WordPress website and after successful login I want the login information to forward to the app so that the user can go to the app.
Directory structure:
For Worpress => root->wordpress
For App => root->app
On the same domain hosting.
I want the user's to use WordPress login to access App and manage their profile.
No idea how to proceed. Any suggestions
The most logical way to do this may be to use the cURL. Still, it is impossible to do so because such solutions cannot launch cookies or sessions in your browser and eject your client (essentially a security mechanism). You can try to resolve this by redirecting a user, or the most logical way is to use wordpress api support or capture the data using XML-RPC.
As an update. If both sides are on the same domain, you can try to eject the cookie or the session to the side you want to log in to. If it is under different domains, unfortunately, this suggestion will not work.
I'm trying to create an intranet site where, if possible, all parts of it should be SSO in a way that a user who is logged into his Active Directory account in Windows would immediately be signed on with that same account in all pages of my site through LDAP.
Now the main component of this site is built with a CMS and from there the user should be able to click the links on this site to get to the other tools we're using, like for example the ticket system.
The CMS and the ticket-system software both are able to connect through LDAP themselves but I want a SSO solution for this.
So I searched and found this for the apache server: mod_authnz_sspi
This apparently lets you use $_SERVER['REMOTE_USER'] in PHP to get the windows user signed on right now.
Now I'm stuck since I'm not really sure how to use this to automatically log the user into the sites.
What do I have to do with this to get the SSO solution that I want?
I thought about creating a simple HTML form with the same fields like the one from the ticket-system form I'm trying to log into. I would then try to send the POST-data to the form of the ticket-system and log the user in automatically. For the username I would send $_SERVER['PHP_AUTH_USER'] and for the password $_SERVER['PHP_AUTH_PW']. However, the ticket system is protected with a CSRF-Token which I would have to include into the sent POST-data but can't know in advance since it is generated in the moment of accessing the page.
So it would be really helpful if someone could tell me how to get a SSO working with the mod_authnz_sspi tool (or another).
If there isn't any other way than through using a HTML-form that sends the POST data like I tried, then it would be helpful if someone knew a workaround to the CSRF-Token problem!
You can create an AUTH application that administrate your users (details, permissions, etc.). When an user access other application if it are not logged in redirect it to the AUTH application. AUTH application check user credentials, generate an access_token and redirect user back to the application that try to access. More info you find here https://www.mutuallyhuman.com/blog/choosing-an-sso-strategy-saml-vs-oauth2/
I have a Moodle(3.0) website and a WordPress blog (3.5.4). I need to implement SSO between these two.
Here is the basic idea why I want to do it:
Some of the courses in Moodle contain external content (load a page with resources in iframe). At the bottom of the iframe page, that is loaded there is a bbPress embedded (Forum plugin for WordPress).
I need the SSO, so when user logs in his moodle account and choose to view certain resource to be able to participate in the forum topic under the resource without the need of login again.
I've read Authenticate Users From Moodle Into WordPress, and tried to configure External database Authentication Method in Moodle, but so far no luck.
I've found an WordPress plugin Edwiser Bridge, but it makes quite the opposite (integrates Moodle within WordPress) - which is of no use to my particular case.
I will much appreciate every help I can get. Thanks
I ended up building an API, which makes the handshake between Moodle and Wordpress.
I've modified the moodle/login/index.php page and wp-login.php to send requests to the API when logging in.
Every time someone logs in either platform a request is being sent to the API. It tries to log the user programmatically and start a session cookie for the user. (if the username and password match in the db).
When user is being registered the user data is stored in both databases (Moodle and Wordpress).
NOTE: This is not exactly SSO, but it solved my problem and its working.
I have a sharepoint website that needs some credentials to login, and I am also developing another website that requires login credentials. How do I synchronize their login by taking credentials of one of them and using it on the other?
Like, when I login to the sharepoint, I will be logged in to my other website too when I navigate there.
I'll start off by noting that this is not a question for StackOverflow. Posts here should contain an issue, an attempt at solving it, and any errors or bugs with it that you simply cannot solve yourself. Keep that in mind for future reference.
One way of approaching what you want is to create an interface between the two websites. Have a separate account system that is included for both websites. Basically separate any account systems you currently have in place and set them externally instead - and then include that onto your target pages. That's how I'd approach it anywho.
I use wamp to develop on a windows 7 machine. For this app I have an admin area which tracks the admin username and encrypted password with $_SESSION and a cookie which keeps track of the randomly generated encryption key for the password.
I set the cookie like:
setcookie('key', $key, time()+7200, 'admin/');
The admin user verification is run on every admin page after the admin user has entered username and password details to login.
The directory structure of the site and the admin is:
localhost/mysite/
locahost/mysite/admin/
A session runs in the admin section, and a session also runs in the user interface of the front-end to keep track of chosen criteria for searches.
When I run long database queries in the admin area ie. multiple updates and inserts where each iteration requires a connection to an external API, I am unable to load the front-end user interface in the same browser ie. firefox until after the admin operation has completed. If I use a different browser ie. chrome , I am able to load the front-end of the site while running admin mysql functions with no problems.
I'd like to view the site while these operations are running, and use the same browser. It's a small problem, but I'd like to know how to get around it because I want to learn. I mean I could just tell myself that it doesn't matter because the site works fine when I open another browser, and the final user isn't going to be running admin operations while viewing the site anyway, so from that perspective it doesn't matter, but I am curious.
What is going on with the sessions and cookies that stops me from viewing the site whilst the admin operations are running? Is my question even a good one? Part of me thinks that it's a silly question because ultimately the site works perfectly well in a separate browser. Anyway, thank you for looking!
I think your session is being locked. On the page that takes a long time to run add this at the top: session_write_close(); that should fix it.