Is it possible to integrate Vanilla with existing LDAP directory?

sethpnc

We have a large community (70,000+) with users stored in an LDAP directory. Are there known approaches for letting the LDAP control the users or authentication? We could write custom code to pass cookie information to Vanilla. We could also write code to create Vanilla user upon first visit.

Has anyone done anything like this? I've noticed a plug-in called ProxyConnect that might seem related.

matthewkris

ProxyConnect is exactly what you need. Enable this and then follow the guide to write the file that ProxyConnect looks for to determine logins:

http://vanillaforums.org/page/singlesignon

judgej

ProxyConnect requires external URLs (on the same domain as Vanilla) that will:

1. Provide a login page to go to if the user is not logged in.

2. Provide a logout page that can be used to log the user out.

3. Provide an "authentication" page that delivers details of the user currently logged in.

Those pages should be supplied external application that handles user sessions of its own, based on whatever source of user authentication it has access to. Normally that application would be a CMS e.g. Wordpress, or just about any other CMS. In your case it will be tiny application that logs users in and out using LDAP as the authentication source and source of user details (full name, username, email address). You don't need to mess around with Vanilla Cookies - let Vanilla handle that.