Single Signon

tulle004 · Joined: 13 Mar 2007 Posts: 27

I am trying to integrate thyme into our website, and we authenticate from a central server. A cookie is set, and I then set a session variable for the username to be passed to applications. By following an example given in other posts, I have this added to auth.php from the ldap module:

session_start();
if($_SESSION['uidnumber']) {
$_SESSION['uid'] = $_SESSION['username'];
define("_CAL_REUSE_SESSION_", 1);
}

I have also added my own logic so that if a new user is able to login via our authentication, and they go to the calendar, and they have never been to the calendar, an account is created for them. This works, but I do not receive the password, so when an account is created, I would like to create a password for the users, and then when they login that password is passed for login. This is how I create the account in the database, and how I would create the password:

$query = 'select * from thyme.thyme_Users where userid = \''.$username.'\'';
$db_query = mysql_query ($query, $db_connect) or die (mysql_error());

// if user is NOT in the database
if (!$row = mysql_fetch_array($db_query))
{
// insert username into database
$username_insert_query = "insert into calendar.thyme_Users (userid, pass) values ('$username', 'CreatedPassword')";
$username_insert = mysql_query ($username_insert_query, $db_connect) or die (mysql_error());
}

I don't care if the password is the same for everyone, as they have to be authenticated and have an active session to access the application.

Were can I change the logic so that it either does not require a password, or probably easier, always ask for the same password?

Thanks.

esoft_ian · Joined: 12 Sep 2005 Posts: 5275

Hi,

You can insert it like this:

$username_insert_query = "insert into calendar.thyme_Users (userid, pass) values ('$username', md5('CreatedPassword'))";

Note the md5() around the password.

I'm sorry, I'm not quite following you with this question: "Were can I change the logic so that it either does not require a password, or probably easier, always ask for the same password?"

Actually I'm not sure I'm following any of it. If you are using the LDAP module, all you should need to do is add the single sign on code. But I think you want this instead:

session_start();
if($_SESSION['uidnumber']) {
$_SESSION['uid'] = $_SESSION['uidnumber'];
define("_CAL_REUSE_SESSION_", 1);
}

To Thyme, uid is a number, where as userid is the username. But again, maybe I'm misunderstanding what you want to do.

tulle004 · Joined: 13 Mar 2007 Posts: 27

With our authentication, I am passed the username that the user logs in with, but not passes a password. I would like to login to the application with the username that the user authenticated with, but since I don't have the password to use, I either have to login with no password or a password that is set the same for everyone. Since they are authenticated with our system, then I know that they are who they say they are.

I insert then in the database so that I can manually change their account to whatever type of user I want them to be.

Thanks

esoft_ian · Joined: 12 Sep 2005 Posts: 5275

Hi,

So after session_start(), you have $_SESSION['username'] and that is it? Or .. what does $_SESSION contain?