[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_2RC1-3168-gcf6312f
Michal Čihař
nijel at users.sourceforge.net
Mon Jun 6 17:14:03 CEST 2011
The branch, master has been updated
via cf6312f5278f922ab420d501200b175eba987c5e (commit)
via 72886c3c8a6cf2a01ea40f01c7d7c4c981a3a4e7 (commit)
from db07b65c657162ce04c50ec1164390f0fb68b905 (commit)
- Log -----------------------------------------------------------------
commit cf6312f5278f922ab420d501200b175eba987c5e
Author: Michal Čihař <mcihar at novell.com>
Date: Mon Jun 6 17:08:35 2011 +0200
Clarify documentation
commit 72886c3c8a6cf2a01ea40f01c7d7c4c981a3a4e7
Author: Michal Čihař <mcihar at novell.com>
Date: Mon Jun 6 17:08:02 2011 +0200
Add option to call extenal script from signon method
-----------------------------------------------------------------------
Summary of changes:
Documentation.html | 28 +++++++++++++++++++++-------
libraries/auth/signon.auth.lib.php | 14 +++++++++++++-
libraries/config.default.php | 7 +++++++
scripts/signon.php | 6 +++---
4 files changed, 44 insertions(+), 11 deletions(-)
diff --git a/Documentation.html b/Documentation.html
index 6e98747..6f66b64 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -759,13 +759,17 @@ since this link provides funding for phpMyAdmin.
<li>'signon' authentication mode
(<tt>$auth_type = 'signon'</tt>)
as introduced in 2.10.0 allows you to log in from prepared PHP
- session data. This is useful for implementing single signon
- from another application. Sample way how to seed session is in
- signon example: <code>scripts/signon.php</code>. There is also
- alternative example using OpenID -
- <code>scripts/openid.php</code>. You need to
+ session data or using supplied PHP script. This is useful for implementing single signon
+ from another application.
+
+ Sample way how to seed session is in signon example: <code>scripts/signon.php</code>.
+ There is also alternative example using OpenID - <code>scripts/openid.php</code> and
+ example for scripts based solution - <code>scripts/signon-script.php</code>.
+
+ You need to
configure <a href="#cfg_Servers_SignonSession"
- class="configrule">session name</a> and <a
+ class="configrule">session name</a> or <a href="#cfg_Servers_SignonScript"
+ class="configrule">script to be executed</a> and <a
href="#cfg_Servers_SignonURL" class="configrule">signon
URL</a> to use this authentication method.</li>
</ul>
@@ -1320,10 +1324,20 @@ CREATE DATABASE,ALTER DATABASE,DROP DATABASE</pre>
<dt><span id="cfg_Servers_CountTables">$cfg['Servers'][$i]['CountTables']</span> boolean</dt>
<dd>Whether to count the number of tables for each database when preparing the list of databases for the navigation frame.
</dd>
+ <dt><span id="cfg_Servers_SignonScript">$cfg['Servers'][$i]['SignonScript']</span> string</dt>
+ <dd>Name of PHP script to be sourced and executed to obtain
+ login credentials. This is alternative approach to session based single
+ signon. The script needs to provide function
+ <code>get_login_credentials</code> which returns list of username and
+ pasword, accepting single parameter of existing username (can be empty).
+ See <code>scripts/signon-script.php</code> for an example.
+ </dd>
<dt><span id="cfg_Servers_SignonSession">$cfg['Servers'][$i]['SignonSession']</span> string</dt>
<dd>Name of session which will be used for signon authentication method.
You should use something different than <code>phpMyAdmin</code>, because
- this is session which phpMyAdmin uses internally.
+ this is session which phpMyAdmin uses internally. Takes effect only if
+ <a href="#cfg_Servers_SignonScript" class="configrule">SignonScript</a>
+ is not configured.
</dd>
<dt><span id="cfg_Servers_SignonURL">$cfg['Servers'][$i]['SignonURL']</span> string</dt>
<dd>URL where user will be redirected to log in for signon authentication method. Should be absolute including protocol.
diff --git a/libraries/auth/signon.auth.lib.php b/libraries/auth/signon.auth.lib.php
index 0735020..e095829 100644
--- a/libraries/auth/signon.auth.lib.php
+++ b/libraries/auth/signon.auth.lib.php
@@ -60,6 +60,9 @@ function PMA_auth_check()
return false;
}
+ /* Script name */
+ $script_name = $GLOBALS['cfg']['Server']['SignonScript'];
+
/* Session name */
$session_name = $GLOBALS['cfg']['Server']['SignonSession'];
@@ -78,8 +81,17 @@ function PMA_auth_check()
/* Are we requested to do logout? */
$do_logout = !empty($_REQUEST['old_usr']);
+ /* Handle script based auth */
+ if (!empty($script_name)) {
+ if (! file_exists($script_name)) {
+ PMA_fatalError(__('Can not find signon authentication script:') . ' ' . $script_name);
+ }
+ require $script_name;
+
+ list ($PHP_AUTH_USER, $PHP_AUTH_PW) = get_login_credentials($cfg['Server']['user']);
+
/* Does session exist? */
- if (isset($_COOKIE[$session_name])) {
+ } elseif (isset($_COOKIE[$session_name])) {
/* End current session */
$old_session = session_name();
$old_id = session_id();
diff --git a/libraries/config.default.php b/libraries/config.default.php
index d6e47c2..1a478b7 100644
--- a/libraries/config.default.php
+++ b/libraries/config.default.php
@@ -213,6 +213,13 @@ $cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['SignonSession'] = '';
/**
+ * PHP script to use for 'signon' authentication method
+ *
+ * @global string $cfg['Servers'][$i]['SignonScript']
+ */
+$cfg['Servers'][$i]['SignonScript'] = '';
+
+/**
* URL where to redirect user to login for 'signon' authentication method
*
* @global string $cfg['Servers'][$i]['SignonURL']
diff --git a/scripts/signon.php b/scripts/signon.php
index e585625..d80c1cf 100644
--- a/scripts/signon.php
+++ b/scripts/signon.php
@@ -3,9 +3,9 @@
/**
* Single signon for phpMyAdmin
*
- * This is just example how to use single signon with phpMyAdmin, it is
- * not intended to be perfect code and look, only shows how you can
- * integrate this functionality in your application.
+ * This is just example how to use session based single signon with
+ * phpMyAdmin, it is not intended to be perfect code and look, only
+ * shows how you can integrate this functionality in your application.
*
* @package phpMyAdmin
* @subpackage Example
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list