[TYPO3-dev] Frontend user login with eID and 4.7 rsaauth
Björn Pedersen
pedersen at frm2.tum.de
Wed Jun 6 09:23:03 CEST 2012
On 05.06.2012 21:47, Martin Kokes wrote:
> Hello folks,
>
> I already posted my problem in typo3.english list, but maybe here is the
> better place. My problem is:
>
> I have an GIS Ext JS application with T3 backend and own Extbase-based
> model. For frontenduser authentification I wrote eID script combined
> from some snippets & hooks. In principle, it is a JSON output for
> emulating felogin form, with no great extensive handling. It just needs
> rsaauth active. See http://pastebin.com/LSvu7N0h
>
> To generate RSA pair I use following code from felogin
> class.tx_rsaauth_feloginhook.php:
>
> $backend = tx_rsaauth_backendfactory::getBackend();
> $keyPair = $backend->createNewKeyPair();
> $storage = tx_rsaauth_storagefactory::getStorage();
> $storage->put($keyPair->getPrivateKey());
> $rsa_n = htmlspecialchars($keyPair->getPublicKeyModulus());
> $rsa_e = sprintf('%x', $keyPair->getExponent());
>
> Keys are generated, form field added, login window created via
> http://bit.ly/KLUVF3 JS, form correctly encoded and submitted.
>
> To authenticate I have simple t3lib_userAuth::start():
>
> $feUserObject = tslib_eidtools::initFeUser();
> $logintype = t3lib_div::_GP('logintype');
> if ($logintype == 'login') {
> $feUserObject->checkPid = 0;
> $feUserObject->writeDevLog = TRUE;
> $feUserObject->start();
> ...
>
> It was working fine until I upgraded my developer site to 4.7. Since
> then can't get it to work, but normal HTML based felogin works fine.
> Here's anonymized snip from devlog http://pastebin.com/HjhuYHdt
>
> I'm not sure whether my eID login method doesn't need to be polished to
> meet new 4.7 code. I'll be grateful for any advice.
>
> Martin
>
>
>
Hi,
I guess this can be related to http://forge.typo3.org/issues/32864 and
https://review.typo3.org/#/c/5326/
It's line 1273 in class.t3lib_userauth.php: the (encrypted) password
should be stored in uident_$passwordCompareStrategy (uident_rsa
probably) now, not in uident. So you have to slightly adjust your "login
form".
Björn
More information about the TYPO3-dev
mailing list