3rd Party Authentication For Privileged Content

Hello Concrete5 Community,

I have a client that needs to integrate association management software called Avectra with a CMS platform to serve member-only content. I love the Concrete5 platform, and I would like to push this in our primary proposal.

I wanted to run my game plan through those in the community who have had much more experience in concrete5.

Avectra exposes a web service that can be used for authentication:
http://wiki.avectra.com/XWeb:WEBWebUserLogin...

I want to create a single page for login using the Avectra web service. Upon successful authentication, I would use the User::loginByUserID($userID) method to log the member in as a generic "Association Member" account. I feel like this would cut development/frustration time down by a great deal rather than trying to implement a system like OpenID which creates new users if they don’t currently exist.

As I am fairly new to Concrete5, does this seem plausible?

 
andrew replied (Best Answer):
Yeah, it definitely does. I assume that this web service lets you implement a secure callback or something and then test that it is being accessed properly. I'd just set up some single page on your concrete5 site

http://www.yoursite.com/avectra_callback/...

which verifies that the postback/callback is being done properly, and if so, logs the user in to the account that you specify, and forwards them on to the homepage.

iconicschema replied:
Thank you for your prompt response!

The web service is authenticated by a token in the SOAP headers.

If a user has not logged in and tries to access privileged content is there a way to route them to my login single page? I still need access to the C5 login for administrative features.

Fernandos replied:
If you mean you want the Avectra login system and the c5 login system to work in parallel, I don't think that this will work. Even if it did, it wouldn't be a good idea to have two separate login systems.

You could use parent::redirect('/login') in your login controller to redirect somebody to the login page if a logon was responded with "success:0". Just a recommendation, try to do that in an HTTPS environment.

Good luck with your project.

iconicschema replied:
Fernandos,

Thank you for your reply.

I think you misunderstand my intentions for having separate authentication. The client is an association that has thousands of members which are managed by an association management platform (Avectra).

One of the client's requirements is to serve privileged content to their members (within Avectra). Instead of an implementation like the one in C5 for OpenID, I want to make it much more simple and log the user in programmatically as a generic "Association Member" user within the C5 system.

So basically it is authenticating on the Avectra side then logging them in as a generic on C5.

I need to still allow the client's administrators to log into their accounts for content management.

Does that make sense?