#28 Pluggable Authentication Service

Benoit Mercier

I hope this is the right place to put this patch.
Herko, feel free to drop/delete if you judge it

Just like Xoops templates are a great way to
personnalize Xoops installations, Authentication
Service mechanism aims to provide the same level of
flexibility for the Xoops authentication process. This
hack/patches only deal with authentication and NOT with
authorisation (modules, function or page ACLs for instance)

Simply said, for each authentication mechanism you want
to support, you have to write one and only one file
with an implementation of the following methods (see
sample implementations for more details):

function &loginUser($uname, $pwd)
function &loginUserMd5($uname, $pwd)
function logoutUser()
function loginPage()
function checkLogin()

Save this file under /include/authentication_services/,
reference it in mainfile.php and apply the hack to
system files (cfr. section "How to use the apply the hack")

I provide 3 different implementations:

1. The standard Xoops implementation
2. LDAP implementation: user are authenticated against

a standard LDAP directory and stored in the Xoops DB.
User's data are updated at each new user authentication
3. Central Authentication Service (CAS -
http://www.yale.edu/tp/auth/) from the Yale University.
One of the most clever and secure way to authenticate
users of Web applications. It requires a running CAS

The LDAP implementation could be very easily adapted to
suit your specifics needs (LDAP structure/fields) and
could even be used to authenticate users against
Microsoft Active Directory.

IMHO this hack would deserve to be included in the next
Xoops (even minor) release ;-) It would allow to
upgrade Xoops without to have to re-apply
authentication hacks everytime... Minus hack = smooth


  • Skalpa Keo
    Skalpa Keo

    Logged In: YES

    This is quite appreciated Benoit, and we'll add this in the
    next "major" release (next minor one should be a bugfix only
    one and is expected in a few days).
    Do you think you could take care of implementing this by
    yourself in the CVS version ?
    I won't have the time to correctly test the LDAP plug, and
    would like a few things to be corrected in your code also
    (actually you've done it the 100% correct Xoops way but I
    want to update the Xoops way ;-), and we should be able to
    reduce code duplication in your auth classes).

  • Benoit Mercier
    Benoit Mercier

    Logged In: YES

    Ok, Skalpa. I will implement this in the CVS version by
    myself. Once it will be done, I will send you a message in
    order to let you know that you can adapt the code to the new
    Xoops way (any documentation or links ?).

  • Benoit Mercier
    Benoit Mercier

    NIS authentication module (beta)