Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

auto-login or auto authentication help for Vanilla 2

edited November 2009 in Vanilla 2.0 - 2.8
I've downloaded Vanilla and am incorporating it into a members-only site I run which already utilizes a log-in system. I am trying to figure out how to use the already existing logged in sessions and push them to the Vanilla session so that when a user logs into the site and navigates to the Vanilla Forum, they don't have to log into the forum as well.

Any suggestions?


  • Options
    LincLinc Detroit Admin
    Have you checked out the Single Sign On addon? Is it a custom log-in system or a commercially available one?

    If feasible it would probably be better to authenticate with Vanilla and then bridge it to the other system. My understanding is that Vanilla2/Garden is designed to be the core of a site-wide user login system rather than the part being tacked on.
  • Options
    edited November 2009
    custom log-in system - basic too. I searched for the 'Single Sign On' add-on but nothing came up.
  • Options
    There is an officially support Single Sign On add-on. When I installed it, it didn't work. Essentially, it just adds this to your /conf/config.php file:

    $Configuration['Garden']['Authenticator']['Type'] = 'Handshake';
    $Configuration['Garden']['Authenticator']['AuthenticateUrl'] = '';
    $Configuration['Garden']['Authenticator']['Encoding'] = 'json';
    $Configuration['Garden']['Authenticator']['SignInUrl'] = '';
    $Configuration['Garden']['Authenticator']['SignOutUrl'] = '';
    $Configuration['Garden']['Authenticator']['RegisterUrl'] = '';

    All you have to do is give values to SignInUrl, SignOutUrl, RegisterUrl -- which are where your normal login and register forms are -- and AuthenticateUrl, which links to a page with json data about the user who's logged in through your site --

    i.e., the page should dump information like this:


    other values that can be imported include Gender.... and you can handle any other variables you'd like to add.

    ...PERSONALLY, this worked extremely poorly for me. I had to re-write /library/core/class.handshakeauthenticator.php to handle my site's custom session API. In hindsight, it'd be better to have written a class.WHATEVERauthenticator.php with a class that implements GDI_Authenticator and set $Configuratio[Garden][Authenticator][Type]='WHATEVER' to keep the integrity of the Garden codebase.
Sign In or Register to comment.