Page 1 of 1

virtuemart Auto login to affiliate site

Posted: Thu Jun 20, 2019 4:10 pm
by krmysl
A client organization running Joomla 3.9 and CiviCRM (jgsny.org) has an affiliation with another company (jewishdata.com). Jewishdata charges a fee to access their database. As a benefit of membership, JGSNY offers free access to Jewishdata. Right now, the member has to go to jewishdata.com and login using a username and password set up by JGSNY to gain access. The username and password has to be changed regularly, therefore all the members need to be informed of the change.

Obviously, this is a pain and I'm trying to find a way to automate the login. If a member is logged into jgsny.org and is in the member group, JGS wants a link from their site to jewishdata.com that passes a cookie or token to jewishdata.com with the login information so the login is automatic. Jewishdata is willing to work with JGSNY to implement a technical solution, but I'm not sure how to do it. Static IP address, redirect, some extension?

Any ideas you have would be helpful.

Re: Auto login to affiliate site

Posted: Thu Jun 20, 2019 7:29 pm
by sozzled
I understand that the target site—the genealogical society—is a J! website and that the affiliated site is not a J! website.

Have you contacted the affiliated website to obtain details of their login API (for user authenticating purposes) in order to see whether "passing a cookie or token" to that website will work?

The problem, as you've described it, is similar in some ways to [what we refer to as] building a bridge. Examples of bridges are
  • connecting J! to PHP forums
  • connecting J! to [wikiMedia-based] wikis
Understanding how the bridge works may lead to a solution (assuming there is clear information about the "affiliated" website's API. I think you need to contact the developers/owners of the affiliated website to obtain the information and then you may be able to build the bridge.

Re: Auto login to affiliate site

Posted: Fri Jun 21, 2019 8:07 pm
by krmysl
Thanks for the quick response. We are in contact with the outside site, but their web person isn't very forthcoming (or maybe knowledgeable) about their API login process. We tried this several years ago with no luck. I was hoping to find a recent solution without building custom code, but didn't expect much out there.
Kate