Arnaud Lafon
|
Tuesday 18 November 2008 6:58:57 am
Hi Jean-Luc, assuming you're running ezp 4.0.1, you should have this in ezuser.php on line 1122 :
else // check in extensions
{
//include_once( 'lib/ezutils/classes/ezextension.php' );
$ini = eZINI::instance();
$extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' );
$directoryList = eZExtension::expandedPathList( $extensionDirectories, 'sso_handler' );
foreach( $directoryList as $directory )
{
$handlerFile = $directory . '/ez' . strtolower( $ssoHandler ) . 'ssohandler.php';
if ( file_exists( $handlerFile ) )
{
include_once( $handlerFile );
$className = 'eZ' . $ssoHandler . 'SSOHandler';
$impl = new $className();
$ssoUser = $impl->handleSSOLogin();
}
}
}
}
// If a user was found via SSO, then use it
if ( $ssoUser !== false )
{
$currentUser = $ssoUser;
$userInfo = array();
$userInfo[$id] = array( 'contentobject_id' => $currentUser->attribute( 'contentobject_id' ),
'login' => $currentUser->attribute( 'login' ),
'email' => $currentUser->attribute( 'email' ),
'password_hash' => $currentUser->attribute( 'password_hash' ),
'password_hash_type' => $currentUser->attribute( 'password_hash_type' )
);
$http->setSessionVariable( 'eZUserInfoCache', $userInfo );
$http->setSessionVariable( 'eZUserInfoCache_Timestamp', time() );
$http->setSessionVariable( 'eZUserLoggedInID', $id );
eZSessionSetUserID( $currentUser->attribute( 'contentobject_id' ) );
eZUser::updateLastVisit( $currentUser->attribute( 'contentobject_id' ) );
eZUser::setCurrentlyLoggedInUser( $currentUser, $currentUser->attribute( 'contentobject_id' ) );
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 );
}
The problem is that on the last line, eZHTTPTool::redirect is called with hard-coded parameters so you cannot call a different host.
What you can do is doing the redirect in your ssohandler which is called on line 1136.
Copy and paste at the end of your own loginUser() method the code in the if ( $ssoUser !== false ) { ... } and replace
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 )
by
<b>$parameters = array( "host" => "a_different_host", "protocol" => "http" );</b>
eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), <b>$parameters</b>, 201 ) return $user; Hope this help.
Looking for information about SQLI ?
Looking for a new job in Paris ?
Please contact me at alafon [at] sqli [dot] com
|