Auth_Saml - Support Thread

Post plugins and custom CSS snippets here
TSM
Bear Rating Trainee
Bear Rating Trainee
Posts: 13
Joined: 03 Nov 2015, 16:20

Auth_Saml - Support Thread

Postby TSM » 04 Nov 2015, 20:55


User avatar
fox
^ me reading your posts ^
Posts: 6318
Joined: 27 Aug 2005, 22:53
Location: Saint-Petersburg, Russia
Contact:

Re: Auth_Saml - Support Thread

Postby fox » 04 Nov 2015, 21:10

why the need for a hook?

TSM
Bear Rating Trainee
Bear Rating Trainee
Posts: 13
Joined: 03 Nov 2015, 16:20

Re: Auth_Saml - Support Thread

Postby TSM » 04 Nov 2015, 21:17


JustAMacUser
Bear Rating Overlord
Bear Rating Overlord
Posts: 373
Joined: 20 Aug 2013, 23:13

Re: Auth_Saml - Support Thread

Postby JustAMacUser » 04 Nov 2015, 21:58

You should take a look at the auth_internal and auth_remote plugins. TT-RSS authenticates on every request; if a valid session doesn't exist, it runs the login process, which is entirely pluggable. If you follow through the code you'll see that as long as an authentication plugin returns a valid user the login form won't even be shown.

I'd also suggest plugging the prefs page to store custom settings so users do not need to create a settings.php file, which would be tedious during updates.

TSM
Bear Rating Trainee
Bear Rating Trainee
Posts: 13
Joined: 03 Nov 2015, 16:20

Re: Auth_Saml - Support Thread

Postby TSM » 04 Nov 2015, 22:23


TSM
Bear Rating Trainee
Bear Rating Trainee
Posts: 13
Joined: 03 Nov 2015, 16:20

Re: Auth_Saml - Support Thread

Postby TSM » 04 Nov 2015, 22:45

I will look at seeing how I can push it to use the auth process as it may allow me to get rid of a lot of code re the sessions.

TSM
Bear Rating Trainee
Bear Rating Trainee
Posts: 13
Joined: 03 Nov 2015, 16:20

Re: Auth_Saml - Support Thread

Postby TSM » 05 Nov 2015, 14:51

Ive modified my code to use the native login process cleaning up all the $_SESSION vars but problems arise with the SLO (Single Log Out) & SLS (Single Logout Service) actions, they need to be able to be run any time even if the user is still logged in and if I put that though the authenticate process this just does not work as it is not called.
Currently I am using a mix of backend.php calls for SLO/SLS and index.php SSO/ACS calls to make this work.
Another minor issue is due to the ACS call coming into the index.php it ends up staying in the query string as there is no 'onsuccess' login redirect that I can find to do it cleanly, if the post authenticate() code could be run separately then this would allow cleaning up the auth process.


Return to “Themes and plugins”

Who is online

Users browsing this forum: No registered users and 5 guests