• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

SSO Possible?

#1
I didn't want to hijack the CAS thread, but I came here looking for similar information.

With the XenForo add-on system, is it possible to integrate an SSO solution?

1) Using XenForo as the master user base wouldn't be that difficult as long as we had a way we could securely test in an external PHP script/app if a user is logged in, and then get that user info for the external system to use for SSO.

Question: Can these tests be done from external scripts on the same top level domain?

2) Using an external app as the master user base would be a lot more complicated I'm sure as there would need to be ways to hook code into the login/register/update screens, or a way to entirely substitute those pages with the external app. Who knows what the external app is going to be so how can you plan for that huh?

It would be helpful even if there was basic support for auto-logging in/adding a user from an add-on could be done. Then maybe a redirect option for basic the basic account info like username, email, & password.

Question: I understand #2 is a fluffy question, but is this being considered with this software?

SSO support would definitely open up a new range of potential clients for this software.
 

Digital Doctor

Well-known member
#2
what software were you hoping to use with xenforo ?

Is your question ... is Xenforo.com going to release a SSO addon that would allow external apps to work with it ?
I think the answer there would be: unlikely.

Software integration (and the level of integration) can be complex. It really depends on the exact software and the level of integration you want.

Have you used phpCAS before ?
 
#4
what software were you hoping to use with xenforo ?
Drupal or any other system of users that could use a forum, whether it's a CRM or a companie's AD via LDAP. I've written Drupal 6 bridges for VB where VB was the master, but it was done by basically making Drupal the SSO point. I'm guessing it wouldn't be too difficult to do with XenForo, but it would be super if just some basic API support was provided out of the box to do this. (scenario #1 in my original question)

Is your question ... is Xenforo.com going to release a SSO addon that would allow external apps to work with it ?
Maybe, or just a simple API for developers to connect to.

Have you used phpCAS before ?
I have not used it before, but I will check it out.
 

Digital Doctor

Well-known member
#5
I'm guessing it wouldn't be too difficult to do with XenForo, but it would be super if just some basic API support was provided out of the box to do this.
Ah. Good suggestion. You might want to make a formal request for this.

Re: phpCAS - I have not used it before, but I will check it out.
Drupal is "CASified": http://xenforo.com/community/threads/cas-central-authentication-server.19265/#post-247586
Another suggestion might be to ask Xenforo to be "CAS-ified". You might want to make a formal request for this.
 

Reeve of Shinra

Well-known member
#7
Xenforo supports authentication against Facebook and Twitter and someone else released a mod that allowed for authentication against the Steam gaming service. Theoretically speaking then, the framework is in place if you had a coder who would be able to roll one out for you.
 
#8
Great point Reeve, ... that would mean part of my #2 question is probably already considered.

Thanks for the info guys. Next step is for me to do some testing.
 

James

Well-known member
#9
The easiest way to log in with another application (I think) would be to add another action to XenForo_ControllerPublic_Register and handle the registration there.