Thank you for the code sample. Besides the LDAP plugin, there's also a 4D Technote on using v12/PHP to authenticate. The vendor I am evaluation is PingIdentity.
http://www.pingidentity.com/ On Mon, Apr 18, 2011 at 8:48 AM, Sig Pam <[email protected]> wrote: > Basically, I do already have such a single sign on running here. > > I do have an OpenLDAP backened that holds my users and passwords. > Furthermore, these login information are used for POP, IMAP, Login and > Basic-Authentication on our Apache Webserver. > > The webserver itself has some URL forwarding to two different A4D-Server > URLs, running two web apps on one 4D Server. > > The 4D Server uses a very simple and free LDAP plugin > (http://www.pluggers.nl/downloads/LDAP_Plugin.zip) to access OpenLDAP and > see if a user is authenticated or not. > > My 4D Clients log into the Server using a default user and password, and at > first they get a self designed login screen that prompts for the username > and password. These are checked against the LDAP server with the mentioned > Plugin. > > My onAuthenticate-Method of A4D looks like this: > > method "onAuthenticate" > if (auth user="") > authenticate("Intranet") > else > $err:=LDAPLOGIN(auth user;auth password) > if ($err) > authenticate("Intranet") > end if > end if > end method > > (Notice that "Intranet" is also the AuthName in the Apache) > > The LDAPLOGIN is a very simple Method on the 4D Server: > > C_STRING(255;$1;$2;) > C_INTEGER($0) > $0:=LDAP Login > ("192.168.94.112";389;"uid="+$1+",ou=people,dc=itserv,dc=de";$2;3) > > That's all. > > When somebody enters my intranet URL, he/she has to authenticate for the > webserver AuthName "Intranet". Apache also supports LDAP Authentication. > After he is logged in, the Browser(!) has a valid authentication string for > user/password in the "Intranet"-Context. > > If he navigates to an URL which is forwarded from apache to my 4d server, > A4D does the authentication on the same AuthName. > > Single Sign-on done. > > > Hope that helps. If you have further questions, be prepared that my response > latency might be measured in days :-) > > Peter > > > > > -- > View this message in context: > http://active4d.2283328.n4.nabble.com/Single-Sign-On-tp3451520p3457412.html > Sent from the Active4D mailing list archive at Nabble.com. > _______________________________________________ > Active4D-dev mailing list > [email protected] > http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev > Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/ > -- m|a _______________________________________________ Active4D-dev mailing list [email protected] http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/
