[Xerte-dev] Re: Using Two Authentication Methods
Ron Mitchell
ronm at mitchellmedia.co.uk
Fri May 17 09:08:26 BST 2013
then what I sent should work
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 17 May 2013 08:37
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Using Two Authentication Methods
The accounts already exist, so it's just providing a way in for them.
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 16 May 2013 16:28
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Using Two Authentication Methods
yeah but just to clarify the static.php I attached goes in the root it's not
the same as the one John has pointed to. You could name mine something
different to avoid confusion.
So all you'd be doing is providing those with static login a different
initial url and their account credentials are in
library/Xerte/Authentication/static.php
You could probably use db instead but you might have to manually switch to
db authentication in auth_config.php to be able to create those accounts via
management.php first before switching back to ldap. So it's a judgement call
whether static will suffice (no disruption) or 10mins lack of access while
you create the db accounts.
HTH
Ron
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Smith, John
Sent: 16 May 2013 16:02
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Using Two Authentication Methods
In library/Xerte/Authentication/static.php or something like that.
Regards,
John Smith
Learning Technologist
School of Health & Life Sciences
Glasgow Caledonian University
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: Thursday, May 16, 2013 3:57 PM
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Using Two Authentication Methods
So basically I'm setting up two front doors: one for the LDAP horde, and one
for the select few, via different pages. That's OK I think.
Where do I put the username / password? (sorry, I'm not familiar with the
static stuff).
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 16 May 2013 15:47
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Using Two Authentication Methods
works for me...
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 16 May 2013 15:16
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Using Two Authentication Methods
Thinking out loud but this should work...
create a new very basic php page which the static login people should go to
e.g. static.php
this would be unique to your install and therefore not broken by upgrades
set a session variable in there e.g. set static to true and then redirect to
index.php
edit auth_config.php and check for that session and switch to static
authentication if that session is set
So the only page you would have to protect from upgrades is auth_config.php
which to be honest if you're upgrading regularly you need to do anyway.
This is theory but I think should work.
HTH
Ron
From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 16 May 2013 14:28
To: For Xerte technical developers (xerte-dev at lists.nottingham.ac.uk)
Subject: [Xerte-dev] Using Two Authentication Methods
Hi,
I need a bit of help from someone who knows the authentication stuff better
than me:
We have some cases where, in the past, we've kept a few usernames /
passwords in the auth code, and have checked against those before checking
against LDAP. There are some collective efforts here where content is passed
to a central admin account - one that has static authentication. Lots of
people create content in their own accounts, and then pass it to the admin
account when it is finished, and that sets up a lot of content for feeds,
etc. Downstream, a website reads the folder feeds and displays the content.
When we upgraded, we lost this capability. Now that user can't login.
So I need to be able to either hardcode a username / password in somewhere
(I know, I don't like it either) or have two auth methods, static, and then
LDAP (or the other way around) if the first one fails, and I need a solution
that won't break in the future when we upgrade again, because this is a real
pain.
What's the best solution?
Thanks,
Julian
Glasgow Caledonian University is a registered Scottish charity, number
SC021474
Winner: Times Higher Education's Widening Participation Initiative of the
Year 2009 and Herald Society's Education Initiative of the Year 2009.
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en
.html
Winner: Times Higher Education's Outstanding Support for Early Career
Researchers of the Year 2010, GCU as a lead with Universities Scotland
partners.
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,e
n.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20130517/9296169f/attachment-0001.html>
More information about the Xerte-dev
mailing list