Sharing session with an external php application

Hi, I'm almost new to Elgg, and I don't know which is the best way to solve the following. I want to have an external php application associated to Elgg. What I want from this is that if you log in on Elgg, you are logged in in App2. I mean, use the users of Elgg for both applications. App2 just need the users to get their names and photos, and to authenticate them, basically.

I now I can use the api for bringing information from Elgg to App2, but can I share elgg users too? If I could have access to Elgg Session from App2 that would be really easy, but I don't know if it's possible and recommendable to to that. I know LDAP/CAS, but that's more sophisticated than what I'm looking for.

Also, ¿can I put an Elgg login form, register form and recovery password in App2? How do I set the tokens, having in mind that we are talking of App2.

Hope someone can help me with this. Thank you very much

  • ? ;-P
    There have been (Elgg.1.5) PlugIns before to handle such a situation.
    The concept of 'networking' or federating multiple WebSites (Elgg * non-Elgg)
    is not a new one. I did a Design Schema for federated SSO Sites with emphasis
    on Elgg-based sites and experimeted with some Web Services routines to empower this
    some 2 years or so back @ http://connectmyschool.com/
    I doubt is too much heavy code would be available on the open and GPL scene for Elgg - -
    Because of the somewhat intense synaptic involvement ;-)
    Cookie handling is one way to manage this -- more complex federating, data sharing,
    communications..  will require some techie design and code work to make things
    swing together well.


  • Sorry Randy, I didn't saw your message till now. I've answered your private message. Anyhow, I basically used Shyam's solution. Require Elgg engine in App2, and so I was able to use Elgg functions and session. Of course you could go for something more serious and try a CAS/LDAP server for Single Sign On and use Web Services, but I think you don't want to go that far for what you need. Hope that helps.

  • Hmmm...
    Missed these posts for a while ;-(
    Cookie checks/verifications as per Cash
    + Shyam's Technical direction should be all
    that's needed to create a SSO Scenario.
    @Sam - You might want to iterate your workable steps here
    for those who are be interested in similar FX.