Set authentication w/ cookie with external system

I've been wrestling with various approaches to this problem, so I'm throwing this out there.  I have "App A" (php) and "Elgg" as two functioning apps on my server, using the same domain name.

1.  App A has its own login system.  It works great, users can log in/authenticate, log out.

2.  Elgg, installed in the "/pianochat" directory in the http root, works fine on its own.  Test users can log in, use Elgg, log out.

3.  I want App A to set an Elgg cookie so that Elgg will see that user is logged into App A, and then not prompt for user's login.

This requires a plugin to Elgg, but beyond that... any pointers?  I might be asking using the wrong Elgg terminology, but what process should the plugin interrupt?  How can a plugin read a cookie and force Elgg to authenticate a user?  Looking for the way forward.

Thanks.

  • That's a Single Sign On process. What you need to implement is Web Services:

    https://elgg.org/discussion/view/839793/single-sign-onintegration

    What is App A?

  • What you could go for is a Single Sign On solution like SAML using simplesamlphp and https://elgg.org/plugins/1939508. You than only need SAML support in you "App A".

  •  I want App A to set an Elgg cookie so that Elgg will see that user is logged into App A, and then not prompt for user's login.

    Reading above sentence, it seems you want something simple. which is obviously there in Elgg.

    Q1. how the App A is accessing Elgg. is it via webservice ,ajax or default view ?

    Q2 . You dont want Elgg to prompt for login, where?. in App A? or somewhere else?. it seems basically you want a hidden login feature in App A.  ( like elgg mobile app framework enGap)

  • I am implementing Openam and Webagent which will help in restricting the access to a protected resource which in my case is Elgg application.

    Well, whenever I try top access ELGG webpage, openam will redirect browser to openam login page for authentication and after user has successfully given his or her credentials, openam should redirect to elgg webpage I tried to access earlier.

    Openam will generate a SSO token after successfully authenticating the user and will send the sso token(session) to elgg application which should not then ask for login credentials, it should open up that user's profile who had authenticated in openam.

    iplanetDirectoryPro is the cookie openam sends to elgg.

    I just need to know how and where to modify the php code in elgg to get this sso token and retrieve the attributes from this token and open up the session for the user.

    Any help would be appreciated.

    Thankyou :)

Beginning Developers

Beginning Developers

This space is for newcomers, who wish to build a new plugin or to customize an existing one to their liking