Hi everyone. I'm having trouble when accessin Elgg RESTAPI. I have a second php application, and I authenticate to both of them via a CAS Server (Single sign on). The problem is that when I try to access Elgg restapi in the second application and get the contents with file_get_contents, I don't receive them cause that call require authentication in CAS, though I am already authenticated. I don't know how to fix this, and I'm thinking that maybe I could disable the CAS/login authentication for restapi accesses, and control the access via restapi authentication only. I don't know if this is possible, and how to do it, so if anybody can help me with this, or can suggest another solution to the problem, it'd be very helpful for me. Thanks in advance
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Cash@costelloc
Cash - 0 likes
- spengler@spengler
spengler - 0 likes
You must log in to post replies.Is the second PHP application making calls against Elgg's web services API? I don't understand from your comments who is hitting the API.
Hi Cash. Thanks for answering. That's it. The second one is a pure php cms-like application. This one is trying to access Elgg web service, but it fails receiving its results because it requires again cas authentication, though I'm already logged in (CAS gives central authentication for both applications, cms and elgg). The fact is that if I go to the url of the rest api function it goes ok, but if I try to access it vía file_get_content or curl I get the authentication problem. So I suppoes it's not a problem with rest api itself, but with cas authentication, when it comes to access elgg web services.