Loading...
 
Architecture / Installation

Architecture / Installation


Remote authentication

posts: 3660 United States

The user database for my Tiki is stored elsewhere and accessible via an ASP page. In my Tiki, I have a form that takes 2 items (MemberID & passowrd) and sends the info in a POST form.

The authentication server returns the information to my Tiki (either as a GET or POST):

  • MemberID (if it was a valid request)
  • MemberName (if it was a valid request)
  • ErrorMessage (if it was an invalid request)


In the event of a valid request how can I:

  • Automatically logon to my Tiki (as a "Registered" user)

or

  • Create a new user account in my Tiki user DB (if it doesn't already exist) and automatically logon to my Tiki (as that user).


Any help?

-Rick

posts: 2428 Czech Republic

> The user database for my Tiki is stored elsewhere and accessible via an ASP page. In my Tiki, I have a form that takes 2 items (MemberID & passowrd) and sends the info in a POST form.
>
> The authentication server returns the information to my Tiki (either as a GET or POST):
> *MemberID (if it was a valid request)
> *MemberName (if it was a valid request)
> *ErrorMessage (if it was an invalid request)
>
> In the event of a valid request how can I:
> *Automatically logon to my Tiki (as a "Registered" user)
> or
> *Create a new user account in my Tiki user DB (if it doesn't already exist) and automatically logon to my Tiki (as that user).
>
> Any help?
>
> -Rick
>

you can always sent via POST or GET request to tiki-login.php, e.g.:

tiki-login.php?user=&pass=

simmilar with registration

luci

posts: 3660 United States

Yes but doesn't that require that I have the user setup in my local Tiki DB? I want to avoid having a second user database.

What I want, is if the remote authentication passes a token (for example: ?Member=Yes ) then Tiki will send ?user=registered&pass=registered. This way authenticated members will automatically access the Tiki with "Registered" access.

I looked at tiki-login.php but I'm not sure where to start. Basically I need.

if the request includes MemberID=True
then call tiki-login.php?user=registered&password=registered
else call tiki-error.php?message=Invalid

Yes, I know that passing the parameters as GET is very insecure... that's step 2. lol

Any PHP hacks out there?

-Rick


>
> you can always sent via POST or GET request to tiki-login.php, e.g.:
>
> tiki-login.php?user=&pass=
>
> simmilar with registration
>
> luci


posts: 9309 Germany
In the latest Tiki 1.9 version we provide mose's intertiki, which allows several tiki systems to use the same database. Maybe you have a look at this code.