SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Unhappy [unsolve] user merging - problem creating a passport for my sites...

    hi, i wish to merge the userlogin function of few of my site...

    i have 3 websites running on the net now. Each of them using different login username and password.

    Now, i wanna make all the user login with a same form, refering to my main database in the portal.

    How can i make the user logged in all 3 sites in one login?

    how will cookie help in this as 3 sites are in different server...

    or is there any other method to solved this problem?

    any hints???

    thank you!
    Last edited by liyenn; Sep 10, 2007 at 07:41.
    newbie...

  2. #2
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    SSO (Single Sign On) is what you want. Look at this, or search google for PHP Single Sign on...

    http://radio.weblogs.com/0137094/sto...rPhpPages.html


  3. #3
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by gRoberts View Post
    SSO (Single Sign On) is what you want. Look at this, or search google for PHP Single Sign on...

    http://radio.weblogs.com/0137094/sto...rPhpPages.html
    thanks gRoberts for yoour fast reply...

    hmm... the mothod you mentioned here requires OracleAS 10G (or Oracle 9iAS)? How if I'm using MYSQL...
    newbie...

  4. #4
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry about that, I assumed that the orcale was their choice of Database, again assuming you could replace it with mySQL.

    I've only used SSO on LDAP, which your automatically authenticated by the user you logged into windows with.


  5. #5
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by gRoberts View Post
    Sorry about that, I assumed that the orcale was their choice of Database, again assuming you could replace it with mySQL.

    I've only used SSO on LDAP, which your automatically authenticated by the user you logged into windows with.

    oh, is ok gRoberts. Thanks for your help!

    wish other experts can share experience with me...
    newbie...

  6. #6
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question anyone knows?

    anyone knows?
    newbie...

  7. #7
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've been looking around and found a few resources regarding single sign on.

    http://www.umich.edu/~umweb/software/cosign/

    but this seems to be more promising for what you require:

    http://www.openfusion.com.au/labs/mod_auth_tkt/

    found at : http://blog.ianbicking.org/more-on-single-signon.html


  8. #8
    SitePoint Addict
    Join Date
    Jan 2007
    Location
    Romania
    Posts
    203
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You have to have a common database where you keep your users informations. Every time the user logs in you check for its username/password in that db.

    Now, if a user logs in on one of you sites you mark him as logged in. You can do this by setting a value in you db from 0 to 1 and you set a cookie to store it's username. You have to do this once for all of your sites. After the user accessed at leas once all of your sites you have cookies from each domains of you sites. When the user is browsing from a site to another you just check for the username in the cookie to see if it's logged in or not and you add a few days/hours/minutes to the lifetime of your cookie.

    Theoretically it should work.

  9. #9
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by gRoberts View Post
    I've been looking around and found a few resources regarding single sign on.

    http://www.umich.edu/~umweb/software/cosign/

    but this seems to be more promising for what you require:

    http://www.openfusion.com.au/labs/mod_auth_tkt/

    found at : http://blog.ianbicking.org/more-on-single-signon.html

    thanks for your links again...
    i'll spend some times looking at them...
    newbie...

  10. #10
    SitePoint Guru Ruben K.'s Avatar
    Join Date
    Jun 2005
    Location
    Alkmaar, The Netherlands
    Posts
    693
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm assuming all three websites connect to the same database

    How I would do this is internally redirect to login handlers on all three websites, set the cookies and return to the original page

    So the login form would go to site1.com/login_handler.php
    After setting the first cookie, you use header( "Location: x" ); to send
    the user to site2.com/login_handler.php, with a few GET variables
    (could be a hash), which verifies the user has input the correct
    information and creates a cookie, then sends the user to the third site
    to be logged on there as well, only to be returned to the original page

    Logged on to three website

  11. #11
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by iulian View Post
    You have to have a common database where you keep your users informations. Every time the user logs in you check for its username/password in that db.

    Now, if a user logs in on one of you sites you mark him as logged in. You can do this by setting a value in you db from 0 to 1 and you set a cookie to store it's username. You have to do this once for all of your sites. After the user accessed at leas once all of your sites you have cookies from each domains of you sites. When the user is browsing from a site to another you just check for the username in the cookie to see if it's logged in or not and you add a few days/hours/minutes to the lifetime of your cookie.

    Theoretically it should work.
    Thanks Julian,

    I have already own a common database keeping my users information.

    I'm actually trying to make the login of my portal, wiki and forum all at the parallel.

    as some of the system such as forum and wiki might invlove update on the sourcecode and database in the future, i wish to solve this case without modifying their database table fields ...
    newbie...

  12. #12
    SitePoint Addict
    Join Date
    Jan 2007
    Location
    Romania
    Posts
    203
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ruben K., cand you explain this more detailed please?

    If you use Header('Location: x') your user will be redirected to location x and will not see what he requested.

    The real problem here is that you can't force the client to set a cookie for another domain than the one you browse. Just delete all your cookies and then try login to Yahoo and then visit Flikr - you are not automatically logged in because Flickr can't identify you after your username.

  13. #13
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Ruben K. View Post
    I'm assuming all three websites connect to the same database

    How I would do this is internally redirect to login handlers on all three websites, set the cookies and return to the original page

    So the login form would go to site1.com/login_handler.php
    After setting the first cookie, you use header( "Location: x" ); to send
    the user to site2.com/login_handler.php, with a few GET variables
    (could be a hash), which verifies the user has input the correct
    information and creates a cookie, then sends the user to the third site
    to be logged on there as well, only to be returned to the original page

    Logged on to three website
    Ruben K,

    Thanks for your suggestion!

    do you mean in site1.com/login.php, it contains header("Location:http://site2.com/login_check.php?action=login&username=$username&password=$pass&blahblahblah")

    then in site2.com/login_check.php?action=login&username=$username&password=$pass&blahblahblah,

    it contains header
    ("Location:http://site3.com/login_check.php?action=login&username=$username&password=$pass&blahblahblah")

    and in site3.com/login_check, it will redirect to site1.com?

    =====================================================

    actually i was thinking to do like this, login to the portal, the send the required variables using curl method to an api link of wiki, then send the required set of variables to header location to the forum. At forum,, it will redirect the page back to the page before login...

    however, the api for wiki is not working... anyone has experience in using curl with mediawiki api???
    newbie...

  14. #14
    SitePoint Zealot
    Join Date
    Nov 2006
    Posts
    151
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question can i use curl to login wiki ? (through wiki api)

    Below is the curl code i used to pass the variables to wiki api....

    however, it is not working!

    is my coding correct?

    or can my method apply in this condition?

    PHP Code:
            $postfields = array(); 
            
    $postfields[] = array("action""login"); 
            
    $postfields[] = array("lgname""$id"); 
            
    $postfields[] = array("lgpassword""$pass"); 
            
            
            foreach(
    $postfields as $subarray) { 
                 list(
    $a$b) = $subarray
                 
    $burlencode($b); 
                 
    $postedfields[]  = "$a=$b"
            } 
            
            
    $urlstring join("\n"$postedfields); 
            
    $urlstring ereg_replace("\n""&"$urlstring); 
            
            
    $ch curl_init("http://mydomain.com/api.php"); 
             

            
    curl_setopt($chCURLOPT_HEADER0); 
            
    curl_setopt($chCURLOPT_POST1); 
            
    curl_setopt($chCURLOPT_POSTFIELDS$urlstring); 
            
    curl_setopt($chCURLOPT_FOLLOWLOCATION0); 
            
    curl_setopt($chCURLOPT_RETURNTRANSFER1); 
            
    $buffer curl_exec($ch); 
            
    curl_close($ch); 
    newbie...


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •