Jean-Luc Chassaing
|
Wednesday 22 October 2008 5:38:43 am
My web site is behind an SSO authentification. My SSOHandler logs the correct user. My problem comes after. The SSoHandler is called in the ezuser::instance() function. Once the ssohandler has returned the correcte ezuser instance, some variables are set and then eZHTTPTool::redirect is called. The url called by the redirect is defined in the eZHTTPTool::createRedirectUrl() function with the $_SERVER['host'] variable. I need to use an other Server parameter but i don't want to hack the datatype/ezuser.php file. How can I manage that ?
|
Arnaud Lafon
|
Tuesday 18 November 2008 6:58:57 am
Hi Jean-Luc, assuming you're running ezp 4.0.1, you should have this in ezuser.php on line 1122 :
else // check in extensions
{
//include_once( 'lib/ezutils/classes/ezextension.php' );
$ini = eZINI::instance();
$extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' );
$directoryList = eZExtension::expandedPathList( $extensionDirectories, 'sso_handler' );
foreach( $directoryList as $directory )
{
$handlerFile = $directory . '/ez' . strtolower( $ssoHandler ) . 'ssohandler.php';
if ( file_exists( $handlerFile ) )
{
include_once( $handlerFile );
$className = 'eZ' . $ssoHandler . 'SSOHandler';
$impl = new $className();
$ssoUser = $impl->handleSSOLogin();
}
}
}
}
// If a user was found via SSO, then use it
if ( $ssoUser !== false )
{
$currentUser = $ssoUser;
$userInfo = array();
$userInfo[$id] = array( 'contentobject_id' => $currentUser->attribute( 'contentobject_id' ),
'login' => $currentUser->attribute( 'login' ),
'email' => $currentUser->attribute( 'email' ),
'password_hash' => $currentUser->attribute( 'password_hash' ),
'password_hash_type' => $currentUser->attribute( 'password_hash_type' )
);
$http->setSessionVariable( 'eZUserInfoCache', $userInfo );
$http->setSessionVariable( 'eZUserInfoCache_Timestamp', time() );
$http->setSessionVariable( 'eZUserLoggedInID', $id );
eZSessionSetUserID( $currentUser->attribute( 'contentobject_id' ) );
eZUser::updateLastVisit( $currentUser->attribute( 'contentobject_id' ) );
eZUser::setCurrentlyLoggedInUser( $currentUser, $currentUser->attribute( 'contentobject_id' ) );
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 );
}
The problem is that on the last line, eZHTTPTool::redirect is called with hard-coded parameters so you cannot call a different host.
What you can do is doing the redirect in your ssohandler which is called on line 1136.
Copy and paste at the end of your own loginUser() method the code in the if ( $ssoUser !== false ) { ... } and replace
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 )
by
<b>$parameters = array( "host" => "a_different_host", "protocol" => "http" );</b>
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), <b>$parameters</b>, 201 ) return $user; Hope this help.
Looking for information about SQLI ?
Looking for a new job in Paris ?
Please contact me at alafon [at] sqli [dot] com
|