You are not logged in.
Pages: 1
I've been working to integrate the BigTree CMS admin console with Single Sign On and I thought I'd share my solution. It was pretty simple but I hope it's helpful.
Create a custom admin router at custom/admin/router.php editing the following line:
// If we're not logged in and we're not trying to login, redirect to the login page.
if (!isset($admin->ID) && $bigtree["path"][1] != "login") {
$_SESSION["bigtree_login_redirect"] = DOMAIN.$_SERVER["REQUEST_URI"];
//If not logged in, try to log the user in. This will just return false if failing and send the user to the login page
$admin->login();
BigTree::redirect(ADMIN_ROOT."login/");
}
Then, in a custom BigTreeAdmin class, override the login method and edit the lines below. This involves replacing the email with the $_SERVER['REMOTE_USER'] variable and, if not included, appending the domain statically or from another environment variable. Then instead of checking the password (commented out), just check for a result when querying for the user.
$f = sqlfetch(sqlquery("SELECT * FROM bigtree_users WHERE email = '".sqlescape($_SERVER['REMOTE_USER'])."@[url]domain.com[/url]'"));
// $phpass = new PasswordHash($bigtree["config"]["password_depth"], TRUE);
// $ok = $phpass->CheckPassword($password,$f["password"]);
if ($f) {
-Michael
Offline
Very cool! We've been investigating things like Shibboleth for SSO but it's not something we're very experienced in yet. Good to know there's a working solution out there if someone needs it.
Thanks Michael!
Offline
Pages: 1