Redirect after SSOHandler

Previous topic

Developer

Next topic

Author	Message
Jean-Luc Chassaing	Wednesday 22 October 2008 5:38:43 am My web site is behind an SSO authentification. My SSOHandler logs the correct user. My problem comes after. The SSoHandler is called in the ezuser::instance() function. Once the ssohandler has returned the correcte ezuser instance, some variables are set and then eZHTTPTool::redirect is called. The url called by the redirect is defined in the eZHTTPTool::createRedirectUrl() function with the $_SERVER['host'] variable. I need to use an other Server parameter but i don't want to hack the datatype/ezuser.php file. How can I manage that ?
Arnaud Lafon	Tuesday 18 November 2008 6:58:57 am Hi Jean-Luc, assuming you're running ezp 4.0.1, you should have this in ezuser.php on line 1122 : else // check in extensions { //include_once( 'lib/ezutils/classes/ezextension.php' ); $ini = eZINI::instance(); $extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' ); $directoryList = eZExtension::expandedPathList( $extensionDirectories, 'sso_handler' ); foreach( $directoryList as $directory ) { $handlerFile = $directory . '/ez' . strtolower( $ssoHandler ) . 'ssohandler.php'; if ( file_exists( $handlerFile ) ) { include_once( $handlerFile ); $className = 'eZ' . $ssoHandler . 'SSOHandler'; $impl = new $className(); $ssoUser = $impl->handleSSOLogin(); } } } } // If a user was found via SSO, then use it if ( $ssoUser !== false ) { $currentUser = $ssoUser; $userInfo = array(); $userInfo[$id] = array( 'contentobject_id' => $currentUser->attribute( 'contentobject_id' ), 'login' => $currentUser->attribute( 'login' ), 'email' => $currentUser->attribute( 'email' ), 'password_hash' => $currentUser->attribute( 'password_hash' ), 'password_hash_type' => $currentUser->attribute( 'password_hash_type' ) ); $http->setSessionVariable( 'eZUserInfoCache', $userInfo ); $http->setSessionVariable( 'eZUserInfoCache_Timestamp', time() ); $http->setSessionVariable( 'eZUserLoggedInID', $id ); eZSessionSetUserID( $currentUser->attribute( 'contentobject_id' ) ); eZUser::updateLastVisit( $currentUser->attribute( 'contentobject_id' ) ); eZUser::setCurrentlyLoggedInUser( $currentUser, $currentUser->attribute( 'contentobject_id' ) ); eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 ); } The problem is that on the last line, eZHTTPTool::redirect is called with hard-coded parameters so you cannot call a different host. What you can do is doing the redirect in your ssohandler which is called on line 1136. Copy and paste at the end of your own loginUser() method the code in the if ( $ssoUser !== false ) { ... } and replace eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 ) by <b>$parameters = array( "host" => "a_different_host", "protocol" => "http" );</b> eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), <b>$parameters</b>, 201 ) return $user; Hope this help. Looking for information about SQLI ? Looking for a new job in Paris ? Please contact me at alafon [at] sqli [dot] com
Jianjun Hu	Thursday 18 June 2009 12:25:49 am Maybe I meet the similar problem. My eZ Publish is 4.1.3. I'm try to work out. OnlyBlue ☆．．·°∴°．☆°°．☆°． °∴ °☆ ．·enjoy star° ．·★°∴° ∴°．°★ ．·° 　ミ☆°∴°．★☆° ∴·° °．☆° ．·∴°　 Is it a pleasure after all to practice in due time what one has learnt?

Author

Message

Jean-Luc Chassaing

Wednesday 22 October 2008 5:38:43 am

My web site is behind an SSO authentification.

My SSOHandler logs the correct user. My problem comes after.

The SSoHandler is called in the ezuser::instance() function.

Once the ssohandler has returned the correcte ezuser instance, some variables are set and then eZHTTPTool::redirect is called.

The url called by the redirect is defined in the eZHTTPTool::createRedirectUrl() function with the $_SERVER['host'] variable.

I need to use an other Server parameter but i don't want to hack the datatype/ezuser.php file.

How can I manage that ?

Arnaud Lafon

Tuesday 18 November 2008 6:58:57 am

Hi Jean-Luc,

assuming you're running ezp 4.0.1, you should have this in ezuser.php on line 1122 :

                    else // check in extensions
                    {
                        //include_once( 'lib/ezutils/classes/ezextension.php' );
                        $ini = eZINI::instance();
                        $extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' );
                        $directoryList = eZExtension::expandedPathList( $extensionDirectories, 'sso_handler' );
                        foreach( $directoryList as $directory )
                        {
                            $handlerFile = $directory . '/ez' . strtolower( $ssoHandler ) . 'ssohandler.php';
                            if ( file_exists( $handlerFile ) )
                            {
                                include_once( $handlerFile );
                                $className = 'eZ' . $ssoHandler . 'SSOHandler';
                                $impl = new $className();
                                $ssoUser = $impl->handleSSOLogin();
                            }
                        }
                    }
                }
                // If a user was found via SSO, then use it
                if ( $ssoUser !== false )
                {
                    $currentUser = $ssoUser;

                    $userInfo = array();
                    $userInfo[$id] = array( 'contentobject_id' => $currentUser->attribute( 'contentobject_id' ),
                                            'login' => $currentUser->attribute( 'login' ),
                                            'email' => $currentUser->attribute( 'email' ),
                                            'password_hash' => $currentUser->attribute( 'password_hash' ),
                                            'password_hash_type' => $currentUser->attribute( 'password_hash_type' )
                                            );
                    $http->setSessionVariable( 'eZUserInfoCache', $userInfo );
                    $http->setSessionVariable( 'eZUserInfoCache_Timestamp', time() );
                    $http->setSessionVariable( 'eZUserLoggedInID', $id );
                    eZSessionSetUserID( $currentUser->attribute( 'contentobject_id' ) );

                    eZUser::updateLastVisit( $currentUser->attribute( 'contentobject_id' ) );
                    eZUser::setCurrentlyLoggedInUser( $currentUser, $currentUser->attribute( 'contentobject_id' ) );
                    eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 );

                }

The problem is that on the last line, eZHTTPTool::redirect is called with hard-coded parameters so you cannot call a different host.

What you can do is doing the redirect in your ssohandler which is called on line 1136.
Copy and paste at the end of your own loginUser() method the code in the if ( $ssoUser !== false ) { ... } and replace
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 )
by
<b>$parameters = array( "host" => "a_different_host", "protocol" => "http" );</b>
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), <b>$parameters</b>, 201 )
return $user;

Hope this help.

Looking for information about SQLI ?
Looking for a new job in Paris ?
Please contact me at alafon [at] sqli [dot] com

Jianjun Hu

Thursday 18 June 2009 12:25:49 am

Maybe I meet the similar problem. My eZ Publish is 4.1.3. I'm try to work out.

OnlyBlue

☆．．·°∴°．☆°°．☆°．
°∴ °☆ ．·enjoy star° ．·★°∴°
∴°．°★ ．·°
　ミ☆°∴°．★☆° ∴·°
°．☆° ．·∴°　

Is it a pleasure after all to practice in due time what one has learnt?