Custom login system/SSO support

[johncoolio]

I see a few people have requested this and I want to do this as well.  I see one possible code injection point:  The OA_Start() function in 'www/admin/config.php' has this line of code:

    if (!OA_Auth::isLoggedIn() || OA_Auth::suppliedCredentials()) {

Right after that line, I plan to inject an include to my own PHP file somewhere on the system.  That file will initiate a redirect to our own login interface.  Since I don't care about what level a user operates at, I'm just going to copy the existing 'sessiondata' blob from the 'rv_sessions' database table for full admin rights.

Upon successful SSO sign in, I'll set the "sessionID" cookie to the same value that I also insert into the 'rv_sessions' table (with the aforementioned data) prior to redirecting back to the admin interface.

This way, I only need to modify one line of code whenever I go to upgrade the system and login is transparently tied to our own systems.

Support for SSO systems from Revive would be a simple matter of doing a check at a location for a PHP file that normally doesn't exist.  However, if it exists, execute that file and exit.  If it doesn't exist, then just do the built-in login system thing.  It would be up to the integrator to generate the correct information for the database and set a valid browser cookie.  They'd also be mostly on their own as far as the login and permissions systems go.  I'm fine with that.

[Ardohm]

Hello,

Do you have specifics on the SSO side of this? Meaning are you planning on using an existing library if so mind sharing? I'd be interested in following along your progress and helping if needed. I only ask because this aspect of SAML can get complex and very limiting if not structured properly. I think it is a good idea otherwise from what I see thus far.