Solved

Auto logging into forums on a different website.

Posted on 2011-03-23
8
317 Views
Last Modified: 2012-05-11
Hello All,
I'm in the process of integrating my forums (vBulletin4) with my website. My website (Wordpress) and my forums are not on the same server. I need assistance with how to pass vBulletin authentication to a different server.

Example: my website is located at www.website.com and that is where my users will login, when they click on the forums links they will be taken to www.forums.com. I need to have them be automatically logged in when they reach www.forums.com. They will have matching credentials on both website.com and forums.com.

Thanks much,
0
Comment
Question by:onBasics
  • 4
  • 3
8 Comments
 
LVL 17

Expert Comment

by:Shinesh Premrajan
ID: 35204919
Its seems more like a SSO integration to your website, But this can be resolved without actuially implementing the SSO totally.

Since the user details are same for both the sites, You need to create a script that will encrypt the username and password and send this to a link in the forums website, forums website will decrypt the details and chk both the credentials locally which definately will be sucess, hence allowing the user to logged in to the forums

Hope this helps
0
 

Author Comment

by:onBasics
ID: 35206043
What kins of script are we talking about here?
Can you provide an example?

Thank you!
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 35208049
You may not find a ready-made example, but I can tell you some of the concepts you have to deal with.  First of all, if you can do it, make the forums have a URL like www.website.com/forums/ -- if you can do that, you can use setcookie() in the login process for www.website.com to permit the cookie to be visible to all sub-directories.  This will work nicely with session cookies.  I think you will find that easiest.

If you MUST have different domain names, then you have a couple of choices.  Sending the credentials by using CURL POST method is certainly one way to try it.  But bear in mind that the cookie that gets set by the login process on the forums site will be sent to the script that initiated the CURL call.  I don't know how you might put this cookie on the client browser, since it will be a cookie for a different domain.  I would expect that the client browser would reject that.

You might have a login hook in the forums site.  When the client goes from WP to the forum, your login script for the forum would call a web service script on the WP site, saying in effect, "is this client already logged in?"  The WP script could use its cookie to verify the client status and return a yes/no signal to the forums site.  I think for this to work, the login status on the WP site might need to be kept in a persistent cookie - not sure about that.

In any case, give yourself some time for the development here.  You will probably find that WP and vBulletin have lots of layers of code that stand between you and any easy, direct implementation.  Good luck with it, ~Ray
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 

Author Comment

by:onBasics
ID: 35388022
After a lot of experimenting, we have decided to just do the whole encryption -> decryption option.  However, I have concerns with the safety of this.  What is a good way to pass the information from one website to another without compromising security?  Also, what is a good way to encrypt information and then be able to decrypt it.  I know how to salt passwords and such but they are all one way encryption .

If at all possible, can you please provide an example of this?

Thanks!
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 35389521
Just put the communication behind HTTPS and let the protocol do the encryption for you.  Almost like magic, and very easy to get right!
0
 

Author Comment

by:onBasics
ID: 35443738
Can you give some stepping stones to work with?
With an SSL certificate, isn't that only for 1 domain? How can we make this work since its 2 different domains.

Tia!
0
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 35447136
Uhh, get two SSL certificates, one for each domain, right?  Then access each domain via HTTPS.
0
 

Author Comment

by:onBasics
ID: 35961323
Thanks for the help.
We actually moved the forums and website all to the same server to get rid of the possible problems and create a strong environment in the future.

Going to award you the points because this is a great thread to have archived.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PHP and google maps 13 41
write screen output to text file 21 45
PHP not parsing ' character 12 37
Using coldfusion <cfexecute> to restore mysql database 7 27
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now