CMS Made Simple Forums

Hi;

I'm evaluating CMS'es and like what I see in CMSMS so far. However, the environment in which CMSMS would be deployed requires centralised sign on, and I see no plugins for that so far and the user/group/access manager seems a very integral part of CMSMS. Does the plugin architecture allow for user/group management to be taken over by a module, so that single sign on could be realised by writing such a module?

Thanks in advance and keep up the great work.

In CMS, users are separated into Admin users (admin users of any sort), and Frontend users.  Frontend user signon is handled by addon modules as follows:

a) SelfRegistration
    Allows users to register themselves to the site.  This module is extremely useful for sites that have large numbers of frontend users, but is optional for smaller sites if the administrator/s is/are willing to manage the accounts manually.

b) FrontendUsers
    Provides the login/logout/settings/lost password functionality for frontend users

c) CustomContent
    Allows different content to be displayed to different users, groups or based on day,month,year,hour or minute.

There is currently (I only have 10 fingers) no integration between the frontend and the backend user management.  It can be done, it's just a matter of time.

Hope this helps.

Perhaps I was a bit unclear: the environment in which CMSMS would be used requires single-sign on between a number of different system - in order for CMSMS to be practical for us, we need to be able to map between an existing centralised logon system and CMSMS' user management.

As I understand modules that e.g. allow self registration, they still use the CMSMS user database. What I'd like to know is whether the plugin architecture supports delegating authentication and authorisation (based on groups) to modules, so that I could write a plugin that glues CMSMS to the single sign on system we use without resorting to patching the actual CMSMS scripts themselves.

Regards,
Eek!

hmm, I bet you cant do it with a hook or a plugin. but you might be able to do it directly in php...


look in class.useroperations.inc.php, basically you just need to replace the mysql parts with ldap (and leave adding and deleting out


but this isnt SSO, its just centralized user db.

to get SSO you need to for example generate a link with encrypted userinformation in some intranet site and when user clicks that link he/she goes to cmsms installation and is logged in with that information.

Or some other method of checking if the user has already signed in somewhere, but it would still require hacking the core....


Id love to see a possibility for modules to overwrite core functions but its kinda hard to implement... (or maybe we should modularize core more and have Users module which could then be uninstalled and UsersLdap module could replace it...)

maybe in 3.0

I really like that idea, actually.  Having pieces of the core as modules which can be replaced would be great for users.

Have a simple version included.  Make an ldap version for the people that want it.  Heck, have FEU replace the users functionality totally when you want frontend logins.  etc.