RSS

LuxCal Forum

The place for questions, suggestions and news about the LuxCal Event Calendar

User:   Password:   Remember Me?   
LuxCal Forum / General / Support / SSO Single signon with phpBB
Posted:  22 Feb 2014 23:50
Does anyone here have (or know of) any detailed description of how to integrate the single sign on with phpBB forum?
I have searched LuxCal and phpBB forums (and the internet), but I have not been able to find enough information to make it work.

phpBB has some info on integration in eg. https://www.phpbb.com/kb/article/phpbb3-sessions-integration/ and https://www.phpbb.com/kb/article/add-a-new-custom-page-to-phpbb/, but it seems that phpBB does not use the PHP-session, on which LuxCal based the single sign on. And my attempts to customize phpBB to use sessions failed.

As described in the SSO instructions in the LuxCal installation guide, I tried to add lines to phpBB's ucp.php script in the case 'login' section
        session_start();
        $_SESSION['lcUser'] = $user->data['user_email'];
but no luck.

I don't know that much about phpBB nor php coding, so any help would be greatly appreciated.
Finn
Posted:  12 Mar 2014 20:59   Last Edited By: Roel B.
Update:

I got a little help from a php-shark, and now it works (most of the time, anyway).

In phpBB's index.php, I added these lines of code after phpBB's own start of session management
if ($user->data['is_registered'])
{
    session_set_cookie_params(0, '/luxcal/', '<domainname.com>');
    session_start();
    $_SESSION['lcUser'] = $user->data['user_email'];
}


Without the session_set_cookie_params, two PHPSESSION cookies are created, and luxcal doesn't find the one I made. I tested this with LuxCal v3.2.1 and v3.2.2, both seem to work the same way.

The trailing slash in the cookie path ('/luxcal/') seems to be important too, as it didn't work without it.
Also the cookie domain name had to be set explicitly (to '<domainname.com>'), as the default included 'www.'. This last one may depend on the server and PHP configuration of the hosting system.


There has been some instances, where, after logging out of the calendar, I was not logged in automatically on the next visit. I was not able to find the pattern and cause for this. But most of the time, it works smile

I tried to use the variable $config['server_name'] instead of constant value '<domainname.com>', but the variable includes 'www.', and thus just works the same as the default parameter).


This solution relies on the fact, that phpBB login always redirects to index.php. It will work for normal login, as well as for permanently logged in phpBB-users, as long as they open the forum front page first. If the user bookmarks a direct link to a certain forum page with the calender, the index.php code will never be executed, and therefore the single sign on will not be in effect.


Any tips on how to improve the code (ie. not to use constant values) would be welcomed.


Regards
Finn