Using another database's login info for Concrete5
Permalink
Sorry if I've posted this in the wrong section - it's my first post here. I'm currently using another (specialised) system for tracking records and specific info, etc. which is quite useful, however for managing the front-end look and news content, it has become quite a burden. So, the first step I've been looking at is to make Concrete5 use the existing login database. I've looked at the code in both the login.php and the controller for login.php, but can't seem to find where other functions and classes are that actually run the checks to see whether to authenticate the user or not. I'd just like a small push in the right direction - any help would be appreciated!
As we will be still using the original CMS for a few things and we'd prefer an SSO solution, would you suggest doing it the other way and using the concrete5 system for managing users instead (so we have less things to do on the legacy system)? That might be indeed an option if we cannot find a newer alternative for this web system. In that case would there be anything to watch out for regarding users on concrete5?
Yes - indeed you are correct about Qantas94Super... ;) However it has been operated by the B747s (which are in the "heavy" category) in the past and I'm well known enough by now on other (smaller) forums to not prefer a change in name.
Yes - indeed you are correct about Qantas94Super... ;) However it has been operated by the B747s (which are in the "heavy" category) in the past and I'm well known enough by now on other (smaller) forums to not prefer a change in name.
Basically, I really wouldn't recommend trying to log people in to c5 unless it's to an actual user account row. Even the built-in SSO solution (openid) works by creating a local user account and linking that up.
This isn't an unlikely / unordinary requirement of c5. If your other CMS doesn't require this then, by all means, use c5 as the master. But i suspect you'll find that it requires local user accounts, too.
So, either create a single account you can log everyone in as (assuming users don't have differing permissions), or import the accounts regularly, or create them / update them every time they log in
This isn't an unlikely / unordinary requirement of c5. If your other CMS doesn't require this then, by all means, use c5 as the master. But i suspect you'll find that it requires local user accounts, too.
So, either create a single account you can log everyone in as (assuming users don't have differing permissions), or import the accounts regularly, or create them / update them every time they log in
I'd really recommend against just overriding that check and checking against another database. You can probably get away with it at first glance, and maybe even get User() to create the appropriate cookies for an account that doesn't exist locally, but I think you're going to have issues down the road with services (blocks, pages, whatever) that try to check permissions or do anything with userIDs.
This topic came up recently and I recommended, at the least, to create a catch-all account ("other db user" or something), and then log in all authenticated users as that user. At least then c5 has an actual record to reference. But, I think the best thing would be to just import all external users into the c5 database.
Shouldn't that be Qantas94Super???