Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication in Joomla! 1.5. About Me  Born in Feb 1979, started in the computing industry with Pong.  In the late ‘80s moved into the Commodore 64.

Similar presentations

Presentation on theme: "Authentication in Joomla! 1.5. About Me  Born in Feb 1979, started in the computing industry with Pong.  In the late ‘80s moved into the Commodore 64."— Presentation transcript:

1 Authentication in Joomla! 1.5

2 About Me  Born in Feb 1979, started in the computing industry with Pong.  In the late ‘80s moved into the Commodore 64 where I developed utilities in Basic (Yes, before I was 10).  Moved into a Tandy PC shortly there after when even more Basic programming was completed including a full blown login system.  I ran a BBS (‘The BBS Enterprise’) for 4 years and became a regular poster on the Fido Network.  First introduction to the Internet was via my high school to the time where we accessed gopher and telnet via a shared modem line.  I started with Slackware Linux in the early ‘90s and ever since then I’ve been working with new technologies including VoIP, and IPv6.  Started PHP development in Feb 2000 with my own concept of what is now known as MVC, although you wouldn’t know it.  I’m currently working as an Information Security Analyst and hold a number of certifications on computer networking and technologies.

3 Overview  Changes from 1.x  Structure/How it works  Code base details  Hello World Example  GMail Example  OpenID & our pit falls  Other schemes to implement  Questions

4 What has changed since 1.x?  Added Plug-in system using JDispatch  Ability to completely customize the authentication system from end to end  Ability for end plug-ins to overwrite user details for user auto-creation. ie: One can login with LDAP email address, and rewrite the UserID to just the login  Enabled the creation of temp users from external plugins.

5 Structure Joomla! Application Joomla Auth OpenID Auth Other Auth Plugins LDAP Auth The Joomla! application sends the authentication request to all enabled plug-ins. The order is based on the plug- in rank in the manager. Each plug-in processes the request and sends back a status to the handler. The handler checks for a success and passes it off to the application. In the case of a failure, it logs the errors to JLog for analysis by the admin.

6 Code Base  function onAuthenticate( $username, $password )  Process an Authentication request  Gets a username and password  Returns a JAuthenticateResponse object  status  JAUTHENTICATE_STATUS_SUCCESS  JAUTHENTICATE_STATUS_FAILURE  error_message  Can be any text  Text should identify the error that occurred  Gets sent to JLog system to be logged  On failure end user will only see invalid credentials response  Can also return: username, fullname, password etc.

7 Code Base cont.  function onAuthenticateFailure( $username, $password )  Fires when only a failure is detected.  Can be used to clear details from J! or cookies on failure.

8 Code Base cont.  function onLoginUser( $response, $remember )  Processed on a successful login by a plugin  $response is the JAuthenticateResponse from the accepted plugin  $remember is set when the user wants to be remembered

9 Code Base cont.  function onLogoutUser( $parameters )  Processed on a logout request from user  $parameters is an array:  Username: The username being logged out  ID: The users ID

10 Code Base cont.  Extra events for syncing users include:  onBeforeStoreUser  onAfterStoreUser  onBeforeDeleteUser  onAfterDeleteUser

11 Hello World of Authentication function onAuthenticate( $username, $password ) { $return = new JAuthenticateResponse('example'); if ($username == “Hello” && $password == “World”) $return->type = JAUTHENTICATE_STATUS_SUCCESS; else $return->type = JAUTHENTICATE_STATUS_FAILURE; return $return; }

12 GMail Example function onAuthenticate( $username, $password ) { $return = new JAuthenticateResponse('gmail'); $curl = curl_init(""); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_USERPWD, "$username:$password"); $result = curl_exec($curl); $code = curl_getinfo ($curl, CURLINFO_HTTP_CODE); $message = ''; $success = 0; switch($code) { case 200: $message = 'Access Granted'; $success = 1; break; case 401: $message = 'Access Denied'; break; default: $message = 'Result unknown, access denied.'; break; } if ($success) { $return->status = JAUTHENTICATE_STATUS_SUCCESS; $return->email = $username; $return->fullname = $username; } else { $return->status = JAUTHENTICATE_STATUS_FAILURE; $return->error_message= 'Failed to authenticate: '. $message; } return $return; }

13 OpenID & Our Pit Falls  Issues  Cookie data needs to be sent to client  It must redirect to external site  It should return to the authentication plug-in  Limited Support in PHP4

14 OpenID & Our Pit Falls cont.  Used JSession to store cookies  Built URIs with JURI and redirected via $mainframe  Returned mimicking a login form response  Checked for cookie/session state to complete the request  Used SimpleXML to mimic OpenID requests

15 Other schemes  Radius  RSA SecurID  WiKID  Extendable External Databases (EED)  Google Account Authentication  Kerberos  IMap/POP3

16 Questions?

Download ppt "Authentication in Joomla! 1.5. About Me  Born in Feb 1979, started in the computing industry with Pong.  In the late ‘80s moved into the Commodore 64."

Similar presentations

Ads by Google