From Authentication Tools for Joomla! (JAuthTools)

Revision as of 07:01, 21 November 2008 (view source) Pasamio (Talk | contribs) ← Older edit		Revision as of 05:38, 1 December 2008 (view source) Pasamio (Talk | contribs) (→A simple Type A plugin) Newer edit →
Line 23:		Line 23:
	* @since 1.5		* @since 1.5
	*/		*/
-	function plgSSOTypeA(& $subject) {	+	function plgSSOTypeA(& $subject, $params) {
-	parent :: __construct($subject);	+	parent :: __construct($subject, $params);
	}		}

---

Revision as of 05:38, 1 December 2008

Writing an SSO plugin for your favourite service is actually quite easily. You first have to however ask what sort of SSO plugin you want to write as there are three:

• Type A plugins are the most basic and only need a 'detectRemoteUser' call to be activated. They're called and expected to use information in the session to determine the remote user. Examples of this are the HTTP SSO, IP SSO and eDirLDAP SSO plugins.
• Type B plugins are a step above which use callbacks to identify the user. These systems use links to gain access and doesn't require the user to do much more than click on it and let the system redirect them around and eventually authenticate them. Examples of this are the SOAP SSO and SimpleSSO systems. These systems should implement the 'getSPLink' and should expect to be passed params from the SSO Providers table (provided into the constructor). They should also implement the 'detectRemoteUser' call to help detect the remote user in either a directly identified situation (e.g. the SSO system knows that this plugin should be used) or in a more general sense (the plugin is called in plugin group). Additionally the plugin should also support the 'getOperations', 'ping' and 'refresh' calls.
• Type C plugins determine how to authenticate the user from user provided information, such as a URI. These plugins should implement the 'getForm' function and return a HTML form to be used by the system. Like both Type A and B plugins, it should also implement the 'detectRemoteUser' call.

A simple Type A plugin

This type A plugin always identifies the user 'admin' and doesn't do any actual detection work itself. Instead of returning a fixed username, a type A plugin should attempt to detect the user or return false if it cannot detect a user.

<?php
jimport('joomla.plugin.plugin');

class plgSSOTypeA extends JPlugin {
	/**
	 * Constructor
	 *
	 * For php4 compatability we must not use the __constructor as a constructor for plugins
	 * because func_get_args ( void ) returns a copy of all passed arguments NOT references.
	 * This causes problems with cross-referencing necessary for the observer design pattern.
	 *
	 * @param object $subject The object to observe
	 * @since 1.5
	 */
	function plgSSOTypeA(& $subject, $params) {
		parent :: __construct($subject, $params);
	}

	function detectRemoteUser() {
		return 'admin';
	}
}

A simple Type B plugin

A simple Type C plugin