Single Sign On

asiral · May 22, 2013 3:08pm

I've been working to integrate the BigTree CMS admin console with Single Sign On and I thought I'd share my solution. It was pretty simple but I hope it's helpful.

Create a custom admin router at custom/admin/router.php editing the following line:

    // If we're not logged in and we're not trying to login, redirect to the login page.
    if (!isset($admin->ID) && $bigtree["path"][1] != "login") {
        $_SESSION["bigtree_login_redirect"] = DOMAIN.$_SERVER["REQUEST_URI"];
        //If not logged in, try to log the user in. This will just return false if failing and send the user to the login page
        $admin->login();
        BigTree::redirect(ADMIN_ROOT."login/");
    }

Then, in a custom BigTreeAdmin class, override the login method and edit the lines below. This involves replacing the email with the $_SERVER['REMOTE_USER'] variable and, if not included, appending the domain statically or from another environment variable. Then instead of checking the password (commented out), just check for a result when querying for the user.

            $f = sqlfetch(sqlquery("SELECT * FROM bigtree_users WHERE email = '".sqlescape($_SERVER['REMOTE_USER'])."@[url]domain.com[/url]'"));
//            $phpass = new PasswordHash($bigtree["config"]["password_depth"], TRUE);
//            $ok = $phpass->CheckPassword($password,$f["password"]);
            if ($f) {

-Michael

timbuckingham · May 22, 2013 3:11pm

Very cool! We've been investigating things like Shibboleth for SSO but it's not something we're very experienced in yet. Good to know there's a working solution out there if someone needs it.

Thanks Michael!

Discussion Forum

BigTree CMS Discussion Forum

#1 May 22, 2013 3:08pm

Single Sign On

#2 May 22, 2013 3:11pm

Re: Single Sign On

Board footer