Single Sign On

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
thyrfing
Forum Newbie
Posts: 3
Joined: Wed Nov 23, 2005 7:42 am

Single Sign On

Post by thyrfing »

Hi there,

i need to implement a Single Sign On System with pHP

has anyone some experiance with that?

Any code fragments ?

Any classes, demos or frameworks out there?


Who can give me hints?


Thyrfing
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

Please be more descriptive with what you need. :)
thyrfing
Forum Newbie
Posts: 3
Joined: Wed Nov 23, 2005 7:42 am

how meant

Post by thyrfing »

Jenk wrote:Please be more descriptive with what you need. :)
having two php applications running with two separate login mechanisms until now.

now i want to extend both, checking if a user has successfull logged in in each other application.

if yes: continue without login-form
if no: send the own login form


OK?
foobar
Forum Regular
Posts: 613
Joined: Wed Sep 28, 2005 10:08 am

Re: how meant

Post by foobar »

AFAIK there aren't any "one-size-fits-all" solutions of this problem. You'll just have to create your own user management system, or base it on one of the existing applications and alter the other one. You'll have to make profile pages point to one place, member lists, etc., irrespective of the application they're called from. It's quite a hassle, and I haven't done anything like it before, but I imagine it to be quite a lot of work. The key is that it has to be molded to fit both applications seamlessly.
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

If both web-apps are using the same domain/host address, yes, you can via cookies. Though it is not recommended.

Else, you cannot without integrating both applications with each other, such as the various "portal" applications do.
Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

Post by Charles256 »

if they're on the same domain why not just use sessions?
thyrfing
Forum Newbie
Posts: 3
Joined: Wed Nov 23, 2005 7:42 am

this way?

Post by thyrfing »

OK , if i understood right:

Image two applications:

A - phpBB
B - TWiki

Both systems have their own usermanagement

Now i want every phpBB User be allowed directly to edit the Wiki after he had logged into phpBB.

Or: Everybody can write in phpBB, after authentificated in TWiki

What yould you suggest?

Putting a new usermanagement solution in front, placing cookies and modifying A and B this way, that both
a) show no own login form
b) search for cookie or forward to the central usermanagent login form?
Post Reply