#217 SSO Login



I just want to mention that I easily converted MRBS to use our corporate single sign-on. I used host session file:
global $user2;
$remotehostname = $user2;
return $remotehostname;

Where $user2 is created off of $_SESSION['id'] handed off by our SSO (if they don't have and id it bounces them back to sign on via SSO).

Then it uses the MRBS DB for authentication. We simply add the employee id for the name field and give them user/admin rights and works great. Nobody sees any sort of MRBS login screen and they are just in. Have used MRBS for years and want to say it was great that this whole thing took me an hour. I know that most corporate environments have SSO so maybe there could be a mention on how to do this in the help file.


  • Comment has been marked as spam. 

    You can see all pending comments posted by this user  here

    Anonymous - 2013-11-22

    Agreed. I've been using a really old MRBS (from 2001-2002ish) that I had wrapped up into a module for our CMS. Well that outdated system is being retired, but MRBS must live on as it was the only thing still being used.

    I've got the new version (so many nice features added in the past 10 years!) up and running with our data imported, but now I want to integrate it with our company web site SSO style.

    In my case I need to do a little more than check for a PHP session value, so I'm working on making a auth_xxx.inc style "module" of my own that will communicate on the backend to complete the authentication loop with the main web site. I'm hoping I can even have user/admin level access control based on a privilege setting values in our main user database, that way it doesn't have to be a hard coded admin list.

  • John Beranek

    John Beranek - 2013-11-22

    Anonymous #2, if you want to hook into an existing session schema, you'd be best off with a session_xxx.inc implementation, not an auth_xxx.inc...



Cancel  Add attachments

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks