I hope this is the right place to put this patch.
Herko, feel free to drop/delete if you judge it
Just like Xoops templates are a great way to
personnalize Xoops installations, Authentication
Service mechanism aims to provide the same level of
flexibility for the Xoops authentication process. This
hack/patches only deal with authentication and NOT with
authorisation (modules, function or page ACLs for instance)
Simply said, for each authentication mechanism you want
to support, you have to write one and only one file
with an implementation of the following methods (see
sample implementations for more details):
function &loginUser($uname, $pwd) function &loginUserMd5($uname, $pwd) function logoutUser() function loginPage() function checkLogin()
Save this file under /include/authentication_services/,
reference it in mainfile.php and apply the hack to
system files (cfr. section "How to use the apply the hack")
I provide 3 different implementations:
1. The standard Xoops implementation 2. LDAP implementation: user are authenticated against
a standard LDAP directory and stored in the Xoops DB.
User's data are updated at each new user authentication
3. Central Authentication Service (CAS -
http://www.yale.edu/tp/auth/) from the Yale University.
One of the most clever and secure way to authenticate
users of Web applications. It requires a running CAS
The LDAP implementation could be very easily adapted to
suit your specifics needs (LDAP structure/fields) and
could even be used to authenticate users against
Microsoft Active Directory.
IMHO this hack would deserve to be included in the next
Xoops (even minor) release ;-) It would allow to
upgrade Xoops without to have to re-apply
authentication hacks everytime... Minus hack = smooth