[TYPO3-dev] Using fe_user->createUserSession() to log in and create fe session in TYPO3 4.5
Jochen Rieger
j.rieger at connecta.ag
Wed Nov 2 17:31:47 CET 2011
Hi Helmut,
> You have a login form which is not sent to TYPO3 but another application
> (the SSO agent)
kind of. It is sent to an uri that is defined in the conf of the apache
module (to name it: it's Cafesoft's CAMS agent [1]). So in the cams conf
you define uri which will trigger the agent.
For example you post username and password (and some hidden fields) to
/cams/login/
The agent then will check the credentials against the central user db
(which is not TYPO3) and either forward you to a definable error page or
create the session. You will then find the CAMS related userdata in the
$_SERVER array (id, username, address, etc.)
> then the SSO agent sends a request containing the neccessary user/ auth
> information in HTTP headers?
See my comments above... when the info has arrived in the apache headers
then request had already been finished succesfully.
>> With the auth service we
>> couldn't manage to create the SSO session apache header data.
>
> This part I also don't really get. Auth services can also be considered
> as aome kind of hooks that are executed during the initialisation of the
> user object. Why shouldn't it work here, but when using another hook?
Well, due to time limitation we stopped experimenting with the service
as the other way was already quite clear.
What we tried:
In the service, we created a POST request to the login uri via CURL to
trigger the CAMS login. But we never succeeded in getting the CAMS
headers in our "normal" browser session. Due to a strict timetable we
were not able to dig deeper... of cause it MIGHT be, that the CURL
request was not done correctly. But I'm not sure if a CURL request from
a PHP script will be seen as in the "same" session as the user is with
his browser...?!
> If sending these is not possible nor wanted, you can force calling the
> services by setting the following configuration options to TRUE:
>
> $TYPO3_CONF_VARS['SVCONF']['auth']['setup']['FE_alwaysFetchUser']
> $TYPO3_CONF_VARS['SVCONF']['auth']['setup']['FE_alwaysAuthUser']
Thanks! This is a good hint and might be very useful in this case.
[1] http://www.cafesoft.com/products/cams/camsOverview.html
Regards,
Jochen
More information about the TYPO3-dev
mailing list