jsConnect

ptoone

I just installed a fresh install of vanilla with hopes of integrating SSO with WHMCS. I followed instructions here: http://forums.whmcs.com/showthread.php?48059-Vanilla-Forums-WHCMS-Single-Sign-On

I keep getting an array of different errors, like no password for user, signature. Both sites use SSL and I read some users had trouble with SSL. Any help on this will be appreciated.

ptoone

Also with this setup. It is not possible for users to logout of vanilla.

ptoone

I have a feeling it could be related to characters in username like " @ "

http://vanillaforums.com/discussion/4029/single-sign-on-doesn-t-work-with-accents-diacritics

x00

Have you tried setting charset header?

x00

Logout delete the cookie if same domain or use a redirect pipe.

ptoone

I checked and it looks like it is already utf-8. I think I may be missing something about setting this in the headers too.

x00

will you can record network traffic in your browser to inspect the headers.

ptoone

It is showing as utf-8 in headers. I flushed cache/cookies and I changed the $Secure = 'true'; to sha1 as mentioned in another post here and making progress as I now can connect to an account. It asks to verify password : " Enter your existing account password. "

I then get: The password you entered is incorrect.

Any ideas? Should I try MD5 of keep it set to Sha1?

x00

Btw that example is using an outmoded way of connecting to he database and it is not clear what encoding it is using or the data is store as. You should probably pre simplify user names for vanilla anyway. I would avoid the space for one. Maybe camel case the First an last names.

That example is altogether a bit crude.

ptoone

Thanks for the tips!

May be you can spot something wrong with my php code:

forumauth

<?php
require_once 'functions.jsconnect.php';;
require("dbconnect.php");
require("includes/functions.php");
// 1. Get your client ID and secret here. These must match those in your jsConnect settings.
$clientID = "######";
$secret = "################";

$user = array();

if ($_SESSION['uid']) {
$result = mysql_query("SELECT id,email,firstname,lastname FROM tblclients WHERE id=".(int)$_SESSION['uid']);
$data = mysql_fetch_array($result);
$user['uniqueid'] = $data['id'];
$user['name'] = $data['firstname'] . " " . $data['lastname'];
$user['email'] = $data['email'];
}

// 4. Generate the jsConnect string.

// This should be true unless you are testing. 
// You can also use a hash name like md5, sha1 etc which must be the name as the connection settings in Vanilla.
$secure = sha1; 
WriteJsConnect($user, $_GET, $clientID, $secret, $secure);


?>

forumlogin

<?php>
define("CLIENTAREA",true);
define("FORCESSL",true);
require("dbconnect.php");
require("https://www.example.com/includes/functions.php");
require("https://www.example.com/includes/clientareafunctions.php");

$pagetitle = $_LANG['clientareatitle'];

initialiseClientArea($pagetitle,'','');
$_SESSION['loginurlredirect'] = "https://www.example.com/vanilla/";
$templatefile = "login";
outputClientArea($templatefile);

x00

get rid of the ?>

x00

$secure = 'sha1';

x00

having a global session like $_SESSION['uid'] defeats the point of an authentication provider. It will work though but not the best practice.

x00

what is the contents of dbconnect.php?

x00

require("https://www.example.com/includes/functions.php");
require("https://www.example.com/includes/clientareafunctions.php");

why are you doing this?

x00

why do you need another login anyway? You already have a framework you want to connect to right? Use that login.

ptoone

Thanks. This is helping but still not resolved. I do not get an error now, but it does not sign me in either.

ptoone

Yes, how can I do that?

ptoone

RESOLVED. After checking pretty much everything I found the issue was caused by my user group permission roles settings. The users I was testing this with did not have permission to login, hence the authentication error.

Thanks for your help x00

x00

@ptoone said:
Yes, how can I do that?

Don't need to do anything. If the framework you are linking already has a login use that.

As much as possible standalone, script are not the way to go, when working with frameworks. You want to limit the entry point to your site.

ptoone

Is there a setting somewhere that I change to enable this?