[Cartoweb-users] 3d party authentication

Oliver Christen oliver.christen at camptocamp.com
Wed Sep 27 08:38:37 EDT 2006 

the "usual" way to do this is to create a plugin to extend the 
SecurityContainer class and access in session the username of the current 
user.
redefine the checkUser and getRoles functions (defined in 
SecurityManager.php).  The external application need to set that username in 
session before.

class exempleSecurityContainer extends SecurityContainer {

    /**
     * Database object
     * @var DB
     */
    protected $db;

    /**
     * @var ClientPluginConfig
     */
    protected $config;

    /**
     * Constructor
     */
    public function __construct(ClientPluginConfig $config) {
        require_once('DB.php');
        $this->config = $config;
    }

     /**
     * @see SecurityContainer::checkUser()
     */
     public function checkUser($username, $password) {

        $db = $this->getDb();
        $pass = $db->getOne(sprintf("SELECT password FROM user WHERE 
username='%s'",
                           addslashes($username)));
        Utils::checkDbError($pass);

        return $pass;
     }

     /**
     * @see SecurityContainer::getRoles()
     */
     public function getRoles($username) {

      if (empty($username)) {
       // Take the username from the extenal application.
       // This appends at the first cartoweb login when the auth
       // plugin has no info about the username.
            $username = $_SESSION["USER"];
      }

        $db = $this->getDb();
        $roles = $db->query(
            "SELECT roles FROM roles_table WHERE username = '{$username}'"
                            );

        Utils::checkDbError($roles);

        $result = array();
        while ($role = $roles->fetchRow(DB_FETCHMODE_ASSOC)) {
            // some treatment if needed before returning the role 
corresponding to the username
        }
        return $result;

     }

    /**
     * Returns the Pear::DB database connection.
     * @return DB
     */
    protected function getDb() {
        if ($this->db)
            return $this->db;

        if (!$this->config->databaseDsn)
            throw new CartoclientException('Missing databaseDsn parameter');
        $dsn = $this->config->databaseDsn;

        $this->db = DB::connect($dsn);
        Utils::checkDbError($this->db);
        return $this->db;
    }

}



> Hi,
>
> Need your help.
>
> I want to use one login page for all my project. So user logs in CMS and 
> get access to all application including CartoWeb.
> How can I integrate this feature to my CMS (of course for CartWeb only)?
> Thanks for the answers
>
> Bye
> _______________________________________________
> Cartoweb-users mailing list
> Cartoweb-users at lists.maptools.org
> http://lists.maptools.org/mailman/listinfo/cartoweb-users
>

More information about the Cartoweb-users mailing list