Hello all, I need to implement a SSO solution for Moodle and Zope. My use case is: 1. The user logs in Zope. 2. Zope logs in Moodle (in behalf of the user) and forwards the authentication cookie to the client. I suppose that the user has the same credentials in Zope and Moodle. I'm trying to implement a script like the one shown below but it seems too tricky and it does not work. Has anybody implemented this kind of sso with zope and moodle or whatever? Thank you very much! My script now looks like this: URL_AUTH = 'http://localhost/moodle/login/index.php' params = {'username':'foo', 'password':'bar'} conn = urllib2.urlopen(URL_AUTH, urlencode(params)) mycookie = conn.info().getheaders('Set-Cookie')[-1] # Get the cookie MOODLEID_ name = mycookie[0: int(mycookie.find("="))] # Get the name value = mycookie[mycookie.find("=")+1: mycookie.find(";")] # The value self.REQUEST.RESPONSE.setCookie(name, value, path='/moodle', domain='localhost') self.REQUEST.RESPONSE.redirect("http://localhost/moodle")
Jose Luis de la Rosa Triviño wrote at 2007-2-19 13:07 +0100:
I need to implement a SSO solution for Moodle and Zope. My use case is:
1. The user logs in Zope. 2. Zope logs in Moodle (in behalf of the user) and forwards the authentication cookie to the client.
I suppose that the user has the same credentials in Zope and Moodle.
I'm trying to implement a script like the one shown below but it seems too tricky and it does not work. Has anybody implemented this kind of sso with zope and moodle or whatever?
We perform a remote login from one Zope instance on another Zope instance. The remote login puts the user identity into an encrypted token (together with a timestamp, to make replay attacks more difficult) and sends it to the second instance. This decrypts and checks the token and then performs its own login based on the user identity information. The same will work with any systems, not only Zope ones. -- Dieter
I'm trying to implement a script like the one shown below but it seems too tricky and it does not work. Has anybody implemented this kind of sso with zope and moodle or whatever? We're using Zope and PHP apps with SSO build with use of CAS. Works good. For zope you'll find CAS4PAS authentication plugin for PHP I don't remember how it is called. CAS itself is java based application.
-- Maciej Wisniowski
Thanks to both, finally I implemented a very easy solution similar to the one proposed by Dieter, although i hope to convince my boss about the CAS solution. JL. Maciej Wisniowski wrote:
I'm trying to implement a script like the one shown below but it seems too tricky and it does not work. Has anybody implemented this kind of sso with zope and moodle or whatever?
We're using Zope and PHP apps with SSO build with use of CAS. Works good. For zope you'll find CAS4PAS authentication plugin for PHP I don't remember how it is called. CAS itself is java based application.
participants (3)
-
Dieter Maurer -
Jose Luis de la Rosa Triviño -
Maciej Wisniowski