[Xerte-dev] Re: Using Two Authentication Methods

Ron Mitchell ronm at mitchellmedia.co.uk
Fri May 17 09:08:26 BST 2013


then what I sent should work

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 17 May 2013 08:37
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Using Two Authentication Methods

 

The accounts already exist, so it's just providing a way in for them.

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 16 May 2013 16:28
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Using Two Authentication Methods

 

yeah but just to clarify the static.php I attached goes in the root it's not
the same as the one John has pointed to. You could name mine something
different to avoid confusion.

 

So all you'd be doing is providing those with static login a different
initial url and their account credentials are in
library/Xerte/Authentication/static.php

 

You could probably use db instead but you might have to manually switch to
db authentication in auth_config.php to be able to create those accounts via
management.php first before switching back to ldap. So it's a judgement call
whether static will suffice (no disruption) or 10mins lack of access while
you create the db accounts.

 

HTH

Ron

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Smith, John
Sent: 16 May 2013 16:02
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Using Two Authentication Methods

 

In library/Xerte/Authentication/static.php or something like that.

 

 

Regards,

 

John Smith

Learning Technologist

School of Health & Life Sciences

Glasgow Caledonian University

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: Thursday, May 16, 2013 3:57 PM
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Using Two Authentication Methods

 

So basically I'm setting up two front doors: one for the LDAP horde, and one
for the select few, via different pages. That's OK I think.

 

Where do I put the username / password? (sorry, I'm not familiar with the
static stuff).

 

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 16 May 2013 15:47
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Using Two Authentication Methods

 

works for me...

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 16 May 2013 15:16
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Using Two Authentication Methods

 

Thinking out loud but this should work...

 

create a new very basic php page which the static login people should go to
e.g. static.php

this would be unique to your install and therefore not broken by upgrades

 

set a session variable in there e.g. set static to true and then redirect to
index.php

 

edit auth_config.php and check for that session and switch to static
authentication if that session is set

 

So the only page you would have to protect from upgrades is auth_config.php
which to be honest if you're upgrading regularly you need to do anyway.

 

This is theory but I think should work.

 

HTH

Ron

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 16 May 2013 14:28
To: For Xerte technical developers (xerte-dev at lists.nottingham.ac.uk)
Subject: [Xerte-dev] Using Two Authentication Methods

 

Hi,

 

I need a bit of help from someone who knows the authentication stuff better
than me:

 

We have some cases where, in the past, we've kept a few usernames /
passwords in the auth code, and have checked against those before checking
against LDAP. There are some collective efforts here where content is passed
to a central admin account - one that has static authentication. Lots of
people create content in their own accounts, and then pass it to the admin
account when it is finished, and that sets up a lot of content for feeds,
etc. Downstream, a website reads the folder feeds and displays the content.

 

When we upgraded, we lost this capability. Now that user can't login.

 

So I need to be able to either hardcode a username / password in somewhere
(I know, I don't like it either) or have two auth methods, static, and then
LDAP (or the other way around) if the first one fails, and I need a solution
that won't break in the future when we upgrade again, because this is a real
pain.

 

What's the best solution?

 

Thanks,

 

Julian

 

 

 


Glasgow Caledonian University is a registered Scottish charity, number
SC021474

Winner: Times Higher Education's Widening Participation Initiative of the
Year 2009 and Herald Society's Education Initiative of the Year 2009.
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en
.html

Winner: Times Higher Education's Outstanding Support for Early Career
Researchers of the Year 2010, GCU as a lead with Universities Scotland
partners.
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,e
n.html





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20130517/9296169f/attachment-0001.html>


More information about the Xerte-dev mailing list