Joomla! :: View topic - Single sign on mambot

###############################################
# Authentication settings - read AUTHENTICATION
###############################################
$auth["session"] = "php"; # How to get and keep the user ID. One of
# "http" "php" "cookie" "ip" "host" "nt" "omni".
$auth["type"] = "db_ext"; # How to validate the user/password. One of "none"
# "config" "db" "db_ext" "pop3" "imap" "ldap" "nis"
# "nw" "ext".

# The list of administrators (can modify other peoples settings)
#$auth["admin"][] = "127.0.0.1"; # localhost IP address. Useful with IP sessions.
$auth["admin"][] = "admin"; # A user name from the user list. Useful
#with most other session schemes.

# 'auth_config' user database
# Format: $auth["user"]["name"] = "password";

# 'session_http' configuration settings
$auth["realm"] = "mrbs";

# 'auth_ext' configuration settings
$auth["prog"] = "";
$auth["params"] = "";

# 'auth_db_ext' configuration settings
$auth['db_ext']['db_host'] = 'localhost';
$auth['db_ext']['db_username'] = 'dbuser';
$auth['db_ext']['db_password'] = 'secret';
$auth['db_ext']['db_name'] = 'joomla';
$auth['db_ext']['db_table'] = 'jos_users';
$auth['db_ext']['column_name_username'] = 'username';
$auth['db_ext']['column_name_password'] = 'password';
# Either 'md5', 'sha1', 'crypt' or 'plaintext'
$auth['db_ext']['password_format'] = 'md5';

case 'joomla':
list($hash, $salt) = explode(':', $row[0]);
$cryptpass = md5($pass.$salt);
if ($hash == $cryptpass)
{
$retval = 1;
}
break;

$auth["session"] = "php";
$auth["type"] = "db_ext";

# 'auth_db_ext' configuration settings
$auth['db_ext']['db_host'] = 'localhost';
$auth['db_ext']['db_username'] = 'dbuser';
$auth['db_ext']['db_password'] = 'dbpass';
$auth['db_ext']['db_name'] = 'joomla';
$auth['db_ext']['db_table'] = 'jos_users';
$auth['db_ext']['column_name_username'] = 'username';
$auth['db_ext']['column_name_password'] = 'password';
# Either 'md5', 'sha1', 'crypt' or 'plaintext'
$auth['db_ext']['password_format'] = 'joomla'; # This refers to the case in auth_db_ext.inc

<?php
/*****************************************************************************
*
* File name auth_db_ext.inc
*
* Description Authenticate users from a table in another database.
*
* Notes To use this authentication scheme, set in config.inc.php:
* $auth["type"] = "db_ext";
* Assumes passwords are stored in the other table in
* plaintext, authValidateUser() will need to be changed if
* the password is stored differently.
*
* History
* Available in the source control system
*
******************************************************************************/

// $Id: auth_db_ext.inc 994 2009-01-14 21:48:50Z jberanek $

/* authValidateUser($user, $pass)
*
* Checks if the specified username/password pair are valid
*
* $user - The user name
* $pass - The password
*
* Returns:
* 0 - The pair are invalid or do not exist
* non-zero - The pair are valid
*/

function authValidateUser($user, $pass)
{

global $auth;

$retval = 0;

$user = strtolower($user);

if (empty($auth['db_ext']['db_system'])
{
$auth['db_ext']['db_system'] = 'mysql';
}

$conn = sql_connect($auth['db_ext']['db_system'],
$auth['db_ext']['db_host'],
$auth['db_ext']['db_username'],
$auth['db_ext']['db_password'],
$auth['db_ext']['db_name']);

$user = addslashes($user);

if ($auth['db_ext']['use_md5_passwords'] == 1)
{
$pass = md5($pass);
}

$query = "SELECT " . $auth['db_ext']['column_name_password'] .
" FROM " . $auth['db_ext']['db_table'] .
" WHERE ". $auth['db_ext']['column_name_username'] . "='$user'";

$r = sql_query($query, $conn);

if ($r && (sql_count($r, $conn) == 1)) // force a unique match
{
$row = sql_row($r, 0, $conn);

switch ($auth['db_ext']['password_format'])
{

      case 'joomla':
list($hash, $salt) = explode(':', $row[0]);
$cryptpass = md5($pass.$salt);
if ($hash == $cryptpass)
{
$retval = 1;
}
break;

case 'md5':
if (md5($pass) == $row[0])
{
$retval = 1;
}
break;

case 'sha1':
if (sha1($pass) == $row[0])
{
$retval = 1;
}
break;

case 'crypt':
$recrypt = crypt($pass,$row[0]);
if ($row[0] == $recrypt)
{
$retval = 1;
}
break;

default:
// Otherwise assume plaintext
if ($pass == $row[0])
{
$retval = 1;
}
break;





}
}

return $retval;
}

/* authGetUserLevel($user)
*
* Determines the users access level
*
* $user - The user name
*
* Returns:
* The users access level
*/
function authGetUserLevel($user, $lev1_admin)
{
// User not logged in, user level '0'
if(!isset($user))
{
return 0;
}

// Check if the user is can modify
for($i = 0; isset($lev1_admin[$i]); $i++)
{
if(strcasecmp($user, $lev1_admin[$i]) == 0)
{
return 2;
}
}

// Everybody else is access level '1'
return 1;
}

?>

Author:	patrik.soderberg [ Fri Jun 30, 2006 12:14 pm ]
Post subject:	Single sign on mambot
Hi, I'm working on a single sign on solution for Joomla 1.0.9/10 and have reached a problem that I could use some input on. The general idea is to hijack the Joomla login and generate iframes that post the username/password to the other sites that are included in Joomla with the wrapper module. The problem is that the iframes need time to load before continuing with the Joomla login, something that I tried to solve by creating a intermittant page with the iframes. This works fine as long as the correct password and username is supplied but when a mistake is made the Joomla login will fail and try to go back to the login page but instead it will end up at the intermittant page again and a infinite loop is started. I tried to solve this by scrapping the intermittant page and adding the iframes to Joomlas login page but then Joomla will redirect and the iframes will not have time to load (well, actually it works fine for us when you are on the same 100Mbit network as the server). Attached is my work in progress version with some debugging in it that you can ignore. Also the part that makes it create a intermittant page is commented out. The default parameters are for dotProject, MRBS and SVN (using basic http authentication). Thanks Patrik Söderberg

Author:	azrulrhm [ Mon Jul 03, 2006 10:54 am ]
Post subject:	Re: Single sign on mambot
I haven't look at the code yet, but my first instinct tells me that you might need t get your hand dirty with javascript to solve the syncronization problem. Just a tips..

Author:	psimon [ Mon Jul 03, 2006 12:42 pm ]
Post subject:	Re: Single sign on mambot
patrik.soderberg wrote: Hi, I'm working on a single sign on solution for Joomla 1.0.9/10 and have reached a problem that I could use some input on. The general idea is to hijack the Joomla login and generate iframes that post the username/password to the other sites that are included in Joomla with the wrapper module. The problem is that the iframes need time to load before continuing with the Joomla login, something that I tried to solve by creating a intermittant page with the iframes. This works fine as long as the correct password and username is supplied but when a mistake is made the Joomla login will fail and try to go back to the login page but instead it will end up at the intermittant page again and a infinite loop is started. I tried to solve this by scrapping the intermittant page and adding the iframes to Joomlas login page but then Joomla will redirect and the iframes will not have time to load (well, actually it works fine for us when you are on the same 100Mbit network as the server). Attached is my work in progress version with some debugging in it that you can ignore. Also the part that makes it create a intermittant page is commented out. The default parameters are for dotProject and MRBS. Thanks Patrik Söderberg Hello Patrik, do you happend to have ready made code for MRBS-MAMBO/JOOMLA login? I'm not talking about single sign-on but just regular user database intregration, I want to use mambo/joomla user database in MRBS login. Mambo/joomla are currently in the same SQL database. Since I'm not very good with php etc. I would need some help/hints how to make it work. Regards, Peter

Author:	patrik.soderberg [ Wed Jul 05, 2006 12:52 pm ]
Post subject:	Re: Single sign on mambot
Hi Peter, All you need to do is use the wrapper module in joomla and in the MRBS config.inc.php set up db_ext authentication. Code: ############################################### # Authentication settings - read AUTHENTICATION ############################################### $auth["session"] = "php"; # How to get and keep the user ID. One of # "http" "php" "cookie" "ip" "host" "nt" "omni". $auth["type"] = "db_ext"; # How to validate the user/password. One of "none" # "config" "db" "db_ext" "pop3" "imap" "ldap" "nis" # "nw" "ext". # The list of administrators (can modify other peoples settings) #$auth["admin"][] = "127.0.0.1"; # localhost IP address. Useful with IP sessions. $auth["admin"][] = "admin"; # A user name from the user list. Useful #with most other session schemes. # 'auth_config' user database # Format: $auth["user"]["name"] = "password"; # 'session_http' configuration settings $auth["realm"] = "mrbs"; # 'auth_ext' configuration settings $auth["prog"] = ""; $auth["params"] = ""; # 'auth_db_ext' configuration settings $auth['db_ext']['db_host'] = 'localhost'; $auth['db_ext']['db_username'] = 'dbuser'; $auth['db_ext']['db_password'] = 'secret'; $auth['db_ext']['db_name'] = 'joomla'; $auth['db_ext']['db_table'] = 'jos_users'; $auth['db_ext']['column_name_username'] = 'username'; $auth['db_ext']['column_name_password'] = 'password'; # Either 'md5', 'sha1', 'crypt' or 'plaintext' $auth['db_ext']['password_format'] = 'md5';

Author:	patrik.soderberg [ Wed Jul 05, 2006 1:48 pm ]
Post subject:	Re: Single sign on mambot
I have now upladed a new version of the mambot which works in our config (Joomla, SMF(Joomlahacks.com), MRBS, SVN, dotProject). It's pretty general but could probably use some minor modifications if SMF is not used.

Joomla! http://forum.joomla.org/

Single sign on mambot http://forum.joomla.org/viewtopic.php?f=41&t=73307	Page 1 of 1

Author:	tweaked [ Fri Feb 09, 2007 6:50 pm ]
Post subject:	Re: Single sign on mambot
where can I go to download the mambot?

Author:	patrik.soderberg [ Thu Feb 22, 2007 11:55 am ]
Post subject:	Re: Single sign on mambot
Sorry, as I wrote this for an employer I'm no longer with I don't feel comfortable with releasing more than I already have. If there is a greater demand then what I can see here I might consider asking them to release the final version. Regards Patrik Söderberg

Author:	aapoter [ Tue Jan 13, 2009 2:19 pm ]
Post subject:	Re: Single sign on mambot
You can configure MRBS to use Joomla! authentication by editing MRBS files auth_db_ext.inc and config.inc.php. To file auth_db_ext.inc file you need to add new case inside the switch statement authValidateUser() function like: Code: case 'joomla': list($hash, $salt) = explode(':', $row[0]); $cryptpass = md5($pass.$salt); if ($hash == $cryptpass) { $retval = 1; } break; And parameters in config.inc.php should be like this: Code: $auth["session"] = "php"; $auth["type"] = "db_ext"; # 'auth_db_ext' configuration settings $auth['db_ext']['db_host'] = 'localhost'; $auth['db_ext']['db_username'] = 'dbuser'; $auth['db_ext']['db_password'] = 'dbpass'; $auth['db_ext']['db_name'] = 'joomla'; $auth['db_ext']['db_table'] = 'jos_users'; $auth['db_ext']['column_name_username'] = 'username'; $auth['db_ext']['column_name_password'] = 'password'; # Either 'md5', 'sha1', 'crypt' or 'plaintext' $auth['db_ext']['password_format'] = 'joomla'; # This refers to the case in auth_db_ext.inc

Author:	merlin777 [ Thu May 07, 2009 6:49 am ]
Post subject:	Re: Single sign on mambot
Il try to do what you told in that post, but i get a Parse error: syntax error, unexpected '{' in httpdocs/mrbs/auth_db_ext.inc on line 43 i am not so clear with the way i should fix thet problem. I copy the code of the file : (i would be happy to get a answer) Code: <?php /***************************************************************************** * * File name auth_db_ext.inc * * Description Authenticate users from a table in another database. * * Notes To use this authentication scheme, set in config.inc.php: * $auth["type"] = "db_ext"; * Assumes passwords are stored in the other table in * plaintext, authValidateUser() will need to be changed if * the password is stored differently. * * History * Available in the source control system * *****************************************************************************/ // $Id: auth_db_ext.inc 994 2009-01-14 21:48:50Z jberanek $ / authValidateUser($user, $pass) * * Checks if the specified username/password pair are valid * * $user - The user name * $pass - The password * * Returns: * 0 - The pair are invalid or do not exist * non-zero - The pair are valid / function authValidateUser($user, $pass) { global $auth; $retval = 0; $user = strtolower($user); if (empty($auth['db_ext']['db_system']) { $auth['db_ext']['db_system'] = 'mysql'; } $conn = sql_connect($auth['db_ext']['db_system'], $auth['db_ext']['db_host'], $auth['db_ext']['db_username'], $auth['db_ext']['db_password'], $auth['db_ext']['db_name']); $user = addslashes($user); if ($auth['db_ext']['use_md5_passwords'] == 1) { $pass = md5($pass); } $query = "SELECT " . $auth['db_ext']['column_name_password'] . " FROM " . $auth['db_ext']['db_table'] . " WHERE ". $auth['db_ext']['column_name_username'] . "='$user'"; $r = sql_query($query, $conn); if ($r && (sql_count($r, $conn) == 1)) // force a unique match { $row = sql_row($r, 0, $conn); switch ($auth['db_ext']['password_format']) { case 'joomla': list($hash, $salt) = explode(':', $row[0]); $cryptpass = md5($pass.$salt); if ($hash == $cryptpass) { $retval = 1; } break; case 'md5': if (md5($pass) == $row[0]) { $retval = 1; } break; case 'sha1': if (sha1($pass) == $row[0]) { $retval = 1; } break; case 'crypt': $recrypt = crypt($pass,$row[0]); if ($row[0] == $recrypt) { $retval = 1; } break; default: // Otherwise assume plaintext if ($pass == $row[0]) { $retval = 1; } break; } } return $retval; } / authGetUserLevel($user) * * Determines the users access level * * $user - The user name * * Returns: * The users access level */ function authGetUserLevel($user, $lev1_admin) { // User not logged in, user level '0' if(!isset($user)) { return 0; } // Check if the user is can modify for($i = 0; isset($lev1_admin[$i]); $i++) { if(strcasecmp($user, $lev1_admin[$i]) == 0) { return 2; } } // Everybody else is access level '1' return 1; } ?>

Author:	merlin777 [ Tue May 12, 2009 4:39 am ]
Post subject:	Re: Single sign on mambot
nobody?

Page 1 of 1	All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/