Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

[Solved] Authentication help needed

I've created a forum hosted on my university's servers. I'm trying to integrate it with their Cosign authentication scheme. Currently, the $_SERVER['REMOTE_USER'] variable is populated with the user's username. That is all the information I have to work with.

What I want is for users who come to the site already authenticated by Cosign to be automatically logged in. I want them to be able to edit their account though, so they can add their first/last name and all posts can be associated with that account. So basically unlike ProxyConnect, I want Vanilla to manage the user info but skip the registration/login processes.

I can figure out how to write the code, I just have no idea where to put it. In a nutshell I need to write code that is called every time Vanilla checks to see whether a user is logged in. Assuming a user is authenticated by cosign, it will check and see if there's already a Vanilla user created for that cosign username. If not, it will create the user and automatically log them in. If there is, it will just log them in automatically. This process should be seamless, so if I gave someone a link to the site it would appear as if they were already logged in.

Any help would be very much appreciated.


  • I guess this is a more complicated question than I anticipated.

    Maybe this will be simpler: if I want code run on every page prior to Vanilla checking cookies and determining whether a user is logged in, where is the best place to put it? Are there hooks made for this or should I just add code to bootstrap.php?
  • I figured out how to do what I wanted using ProxyConnect.
Sign In or Register to comment.