Quickstart for 1.0
From Authentication Tools for Joomla! (JAuthTools)
Joomla! 1.0 provides no default support for multiple authentication methods nor does it feature a LDAP library. This means that we need to install functionality to handle this from scratch.
All items are installed by the mambots. For most users, you will only need two mambots: the Joomla! LDAP Library mambot and the LDAP SSI mambot, which actually provides the login credentials.
At the time of writing the latest release is 1.0.8, however you can view all releases for 1.0 at the following location:
For 1.0.8 specific packages:
To get started quickly you will need to download the following packages:
Unless you need functionality, the other packages can be ignored. However, at the end of this document is a short listing of the other packages.
Once you have downloaded the above files, you will need to install them using the mambot installer like a normal extension.
Once the files have been installed you will need to configure the LDAP Library to be at the top of the system list, after this you can order the LDAP SSI mambot after it. It is important that the files are ordered appropriately or the system will not work (the SSI system won't find the LDAP library and will not work).
Once this is done you will need to configure your settings. These are individual and specific to your particular environment. If you aren't familiar with the terms, I suggest you review the LDAP Tools page to look at the example configurations. If you are using MSAD you might wish to use the JDiagnostics tool to examine things. Please note that JDiagnostics isn't supported for 1.0 any more and all new work is in 1.5 development.
There are other packages available
- com_soapsso and mod_soapsso
These provide inter-Joomla site single sign on. It provides autocreation of users to the registered level and 'trust' for users to enable users with the same account name to be logged into these accounts. It requires SOAP and PHP5 and will also work with Joomla! 1.5 in legacy mode. You can find more information on the SOAP SSO page.
The LDAP Sync bot provides synchronisation with information from an LDAP directory to their equivalent settings within Joomla!. For this it will attempt to reset the users group based on the group mapping system and the users membership of groups within the LDAP tree (signified by the groupMembership or memberOf attribute of the user).
The LDAP SSO bot integrates with Novell eDirectory Netware servers to use the networkAddress attribute to attempt to identify users. It is possible to use this in other situations given that the networkAddress attribute is set appropriately for a user. It works by searching the directory for a match of the users remote IP address.
HTTP SSO uses the HTTP server's authentication mechanisms to identify the remote user and use this to authenticate the user. It will also integrate with the LDAP Library to attempt to autocreate the user if they don't exist as well. This is useful for using tools such as Kerberos in a Microsoft environment (e.g. Integrated Windows Authentication in IIS or mod_auth_kerb in Apache).