[TYPO3-dev] Frontend user login with eID and 4.7 rsaauth
Helmut Hummel
helmut.hummel at typo3.org
Fri Jun 8 01:15:47 CEST 2012
Hi,
On 05.06.12 21:47, Martin Kokes wrote:
> I have an GIS Ext JS application with T3 backend and own Extbase-based
> model. For frontenduser authentification I wrote eID script combined from
> some snippets& hooks. In principle, it is a JSON output for emulating
> felogin form, with no great extensive handling. It just needs rsaauth
> active. See http://pastebin.com/LSvu7N0h
I'm wondering what you want to achieve in the first place.
All the stuff you are doing with the feuser object shoud not be
neccessary at all, because it's already done with
tslib_eidtools::initFeUser()
With that call, the feuser is logged in or something is wrong.
In fact, your call to $feUserObject->start() will destroy the user
session again because rsaauth tries again to decrypt the password, but
fails because after the first decryption the key has been deleted.
Just comment out that code and if you want to skip the pid-check use the
proper configuration
$TYPO3_CONF_VARS['FE']['checkFeUserPid'] = 0;
instead.
> I'm not sure whether my eID login method doesn't need to be polished to meet
> new 4.7 code. I'll be grateful for any advice.
Might be that your code worked with previous versions, but it is still
use of somehow private API or at least wrong usage of the API. Such
things might break on upgrades.
Kind regards,
Helmut
--
Helmut Hummel
Release Manager TYPO3 6.0
TYPO3 Core Developer, TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-dev
mailing list