[web2py] Re: CAS auto login for all apps
pepper_bg. You mean @auth.requires_login() ? Cos it works and you are 100% right about what I'm trying to describe :) Thanks! Anthony. Thanks again. It seems separating databases and using CAS is the most suitable for my system.
[web2py] Re: CAS auto login for all apps
On Wednesday, November 9, 2011 11:58:36 PM UTC-5, Cahya Dewanta wrote: Anthony. Just tried and indeed it works. Can I combine it with pepper_bg's tips so I get the same behaviour? Once login will autologin all apps if we visit them. I still need to click login button right now. I'm not sure. When using CAS, you might still have to explicitly click login to be logged in via CAS. Another thing to keep in mind -- when you store sessions in the DB, sessions are no longer locked during each request as they are when stored on the filesystem. This means if the same users sends two nearly simultaneous requests that use the session (which may happen with Ajax components on the page), you could get a race condition with the session. Anthony
[web2py] Re: CAS auto login for all apps
I still need to click login button right now. Just add @auth.login_required on top of the controller functions you want to auto login from in the consumers and if you are logged in at the CAS provider you will get logged in here as well (I believe this what you are describing you want to do now but not 100% sure).
[web2py] Re: CAS auto login for all apps
I have my CAS working properly. First, what do you mean by that? CAS works out of the box. Here is how to test the scenario *I think* you are describing: 1. From the web interface create three applications app1, app2, app3 (app1 and app2 will be consumers, app3 the CAS provider). 2. In app1 and app2 in db.py replace: auth = Auth(db, hmac_key=Auth.get_or_create_key()) with this: auth = Auth(db,cas_provider = 'http://127.0.0.1:8000/app3/default/user/ cas') 3. Go to http://localhost:8000/app3/appadmin/insert/db/auth_user and create a new user (do first, last, email, password). 4. Go to http://localhost:8000/app1/default/index and hit 'login', (it should send you to http://127.0.0.1:8000/app3/default/user/cas/login?service=http://localhost:8000/app1/default/user/login) and login with the credentials from step 3. 5. Go to http://localhost:8000/app2/default/index and hit 'login' - it should AUTOMATICALLY log you in without asking for email/password Works for me. If your consumers are not running from the same server you may have to do extra stuff but first see if the above works.
[web2py] Re: CAS auto login for all apps
Thank you :) 'CAS is working properly' by my little understanding is I'm able to login to each app with one single id, though I have to manually provide credentials data once again to each app. I've followed your sample and it works. Then I change the adapter to MySQL. Setting up all DAL to refer to one single database. I go to http://127.0.0.1:8000/app1/default/index and I get InternalError: (1050, uTable 'auth_user' already exists). So I set auth.define_tables(migrate=False) of the consumers and am able to enter app1/default/index. I click login then I get InternalError: (1054, uUnknown column 'auth_user.username' in 'field list'). What do I miss here? Thank you again.
[web2py] Re: CAS auto login for all apps
On Wednesday, November 9, 2011 8:44:39 AM UTC-5, Cahya Dewanta wrote: I've followed your sample and it works. Then I change the adapter to MySQL. Setting up all DAL to refer to one single database. With CAS each app should have its own db with its own Auth tables. The auth_user data from the provider app will be copied to the consumer app. See the documentation: http://web2py.com/book/default/chapter/08#Central-Authentication-Service. Anthony
[web2py] Re: CAS auto login for all apps
Yes, the fact that your applications are sharing a DB connection already means that you don't need CAS. Can you describe what you are trying to do?
[web2py] Re: CAS auto login for all apps
Hello Anthony. I begin to think that I do the wrong approach for my system. In my understanding, 3 different databases would make 3 different user registrations. Is it?
[web2py] Re: CAS auto login for all apps
pepper_bg, my project is exactly the same with your samples above except I'm using MySQL. I have 3 apps and one registration should be enough to access those all apps. I try to avoid different registrations and different logins. One login, one username for all. What approach should I do then?
[web2py] Re: CAS auto login for all apps
One login, one username for all. What approach should I do then? You seem to be already on the right track: 1. Make your applications share a DB. You are already doing this auth.define_tables(migrate=False). Debug that error you are getting or post here the complete trace. 2. Make them share sessions via the DB, read around this line session.connect(request, response, db, masterapp=None) here http://web2py.com/book/default/chapter/04#session Read just to have an idea what you are doing - http://web2py.com/book/default/chapter/08#Customizing-Auth
[web2py] Re: CAS auto login for all apps
Thank you. I'll get your directions and will post the result to inform.
[web2py] Re: CAS auto login for all apps
On Wednesday, November 9, 2011 12:30:24 PM UTC-5, Cahya Dewanta wrote: Hello Anthony. I begin to think that I do the wrong approach for my system. In my understanding, 3 different databases would make 3 different user registrations. Is it? If you're using CAS, the registrations (and logins) would all happen in the provider app, but the consumer apps would also have auth_user tables -- any common fields would simply get copied over from provider to consumer.
[web2py] Re: CAS auto login for all apps
pepper_bg. I just realize like you mentioned before that I don't need CAS since I'm sharing the database. Once I set session.connect(request, response, db, masterapp='app3') it works! It even autologin to all apps once I login. No clicking login button. Once logout will logout all apps too. Something that I was looking for. Thank you for your assistant, really appreciate it :)
[web2py] Re: CAS auto login for all apps
Anthony. Just tried and indeed it works. Can I combine it with pepper_bg's tips so I get the same behaviour? Once login will autologin all apps if we visit them. I still need to click login button right now.