Vanilla论坛和CAKEPHP与ProxyConnect SingleSignOn（SSO）集成

Question

I have been trying in vain for many hours to get this working. I have scoured the forums and cannot for the life of me get this to work. Any illumination on the matter would be much appreciated.

I am running:
Vanilla version 2.0.17.8
ProxyConnect version 1.8.4
Cakephp Version 1.3.3
Croogo Version 1.3.2 (cakephp CMS)

I have installed the Vanilla forum in a subfolder app/webroot/vanilla

Install goes smoothly and I upload the proxyconnect plugin into the vanilla plugins folder. I activate it, and the load the following urls (I have taken out http:// because I am only allowed to post 2 links as I am a newbie here)

• Main Site URL The URL of your website where you will use ProxyConnect
  localhost:8888/cmrs

• Authenticate URL The behind-the-scenes URL that shares identity information with Vanilla
  localhost:8888/cmrs/users/authenticate

• Registration URL The URL where users can sign up for new accounts on your site
  localhost:8888/cmrs/register

• Sign-In URL The URL where users sign in on your site
  localhost:8888/cmrs/users/login?vanilla=1

• Sign-Out URL The URL where users sign out of your site
  localhost:8888/cmrs/users/logout?vanilla=1

I have created an action in my users_controller called authenticate()

public function authenticate() {
    $this->layout = 'ajax';
    $this->header('Content-Type: text/plain');
    if($this->Auth->user()) {        
        $data = $this->Auth->user();
        $this->set('data', $data);
    }
}

I have created a view authenticate.ctp which outputs the data correctly if you access it directly and you are logged in

<?php  
if(isset($data)) {
    echo 'UniqueID='.$data['User']['id']."\n";
    echo 'Name='.$data['User']['username']."\n";
    echo 'Email='.$data['User']['email']."\n";
    echo 'TransientKey='."\n";
    echo 'DateOfBirth='."\n";
    echo 'Gender=';
}
?>

Outputs

UniqueID=1
Name=admin
Email=you@your-site.com
TransientKey=
DateOfBirth=
Gender=

In vanilla config.php I have set

$Configuration['Garden']['Cookie']['Domain'] = '.localhost';

In Cakephp bootstrap.php I have set

ini_set('session.cookie_domain', '.localhost');

So, after all that when I click on signin from vanilla I get redirected to the cake app login and when I login I am not logged in in Vanilla Forum.

When I logout from Vanilla I get redirected to the cake app and am logged out from that but not from Vanilla.

Any suggestions would be greatly appreciated.

Answer 1

Get rid of

TransientKey=
DateOfBirth=
Gender=

from your output as this will fail the ini string format due to blank strings

Answer 2

Firstly, I have been stung once in the past when working with CakePHP's AuthComponent , with cookies not working the way I had expected on localhost . I didn't spend too much time investigating as the code worked in the production environment (on a real domain name).

I suggest you add an entry to your hosts file with a realistic looking domain name. Assuming your production URL will be http://www.example.com/ or http://forum.example.com/ , you can map a fake development subdomain to that same domain name by updating your hosts file like so:

127.0.0.1       localhost dev.example.com

You would then access your development environment using http://dev.example.com:8888/ instead of http://localhost:8888/ . After that, you would then need to update all the URLs in the Proxyconnect settings, and the cookie domains in the Vanilla/CakePHP configuration files to match this new domain.

// http://dev.example.com:8888/cmrs
// http://dev.example.com:8888/cmrs/users/authenticate
// http://dev.example.com:8888/cmrs/register
// http://dev.example.com:8888/cmrs/users/login?vanilla=1
// http://dev.example.com:8888/cmrs/users/logout?vanilla=1
$Configuration['Garden']['Cookie']['Domain'] = '.example.com';
ini_set('session.cookie_domain', '.example.com');

Secondly, you should be using a development tool to inspect any cookies being created, making sure they are actually being created with the correct domain and path settings (I guess CakePHP should be creating cookies that Proxyconnect can see). A popular combination for doing this easily is to use Firefox + Firebug + Firecookie , but many new browsers have these tools built in (eg. the Resources tab in Chrome's included Developer Tools ).

If CakePHP (or Vanilla) is installed in a subdirectory, you may need to check cookies are not being created that are "sandboxed" within the subdirectory. I believe CakePHP will do this by default unless you ini_set('session.cookie_path', '/'); .

Also, when CakePHP's Security.level setting has a value of high , it will regenerate a (random) session ID on each request. I would set this to medium , at least while testing.