Remote authentication

All Plugins / Auth / Remote

Identity Card

StatusCore
Plugin LabelRemote authentication
Short DescriptionAuthentication is done remotely (useful in CMS system).
Plugin Identifierauth.remote
AuthorCharles du Jeu
Urldocs/references/plugins/auth/remote
Dependencies

Documentation

Warning, if you are using this plugin in slave mode with Drupal, Joomla or Wordpress, and encounter problems for connecting to Pydio with the REST clients (iPhone/iPad, webDav), you have to upgrade the plugin. More info can be found here

Generic plugin used for integration with various CMS. In master mode, when you login, Pydio will silently call a predefined URL to also log you on the external application. In slave mode, the plugin is not straightforward to implement, you should check the wordpress and joomla implementation for more examples. Basically, in slave mode, it works as follow :


  • Install Pydio with a " standard " authentication plugin, and update your " admin " user with your own password.

  • Then switch to this auth.remote plugin in the server/conf/conf.php file.

  • In the config, set a secret key (can be anything, not necessary your admin password, beware of " anti-slashing " $ symbol).

  • It's ready to use on the Pydio part

  • In your CMS, create an authentication mechanism (generally there is also a plugin system) that can be configured with the secret key.

  • This mechanism must, at login time, include the plugins/auth.remote/glueCode.php file, the secret key being set as GLOBAL before the inclusion, as well as the $plugInAction variable, and other variable depending on the action (login, logout, addUser, etc).. See the glueCode file to check the implemented actions.

  • This way, the glueCode file switches dynamically the session to an Pydio session, logs in a user, then give back the hand to the CMS.

  • Once logged in your CMS, you should be able to access Pydio logged in as the same user.

In order to make the mobile clients working with this auth.remote plugin, you have to carefully configure the MASTER_XX options. Please see a brief description below, but above all read the dedicated description in the documentation on the website configuring-auth-remote-for-the-mobile-clients

  • MASTER_AUTH_FUNCTION will be « drupal_remote_auth« , « joomla_remote_auth » or « wordpress_remote_auth » depending on the bridge you are using. See below on how to add your own custom function if your CMS is different.
  • MASTER_HOST can be detected automatically, but otherwise set to the host of your cms installation (so it can be 192.168.0.25, or localhost, or www.mycms.com). Most generally for shared hosts it will be your real domain name, not a local adress. Warning, no trailing slahs.
  • MASTER_URI will be the path on your host to your CMS, beginning with a slash. Can be something like « /wordpress » or « /wordpress/ » … The combination of MASTER_HOST and MASTER_URI should lead to the page containing the login form.
  • MASTER_AUTH_FORM_ID : (useless for WP) The HTML identifier of the login form as it appear in the login page. You can use F12 (developer tools) in most modern browser, to inspect the HTML and find the corresponding <form> tag and it’s id attribute  : <form id= »login-form »> bla …. </form>

Instance parameters

LabelDescriptionTypeDefault
CMS Type *
CMS_TYPE
Choose a predefined CMS or define your custom valuesGroup_switch:cmswp
Local Prefix
LOCAL_PREFIX
The users created with this prefix in their identifier will be stored and handled in the local filesystem. This can be handy for managing the temporary users.String
Roles Map
ROLES_MAP
Define a map of key/values for automatically mapping roles from the CMS to Pydio.Array
Secret key
SECRET
This key must only be known by remote endString
Users *
USERS_FILEPATH
The users listStringAJXP_DATA_PATH/plugins/auth.serial/users.ser

cms
Hiddenwp
Wordpress URL
MASTER_URL
URL of your WP installation, either http://host/path or simply /path if it's on the same hostString
Login URI *
LOGIN_URI
When not in slave mode, AJXP calls the given URL as URL?name=XXX&pass=XXX&key=XXX. Else it redirect to the given URLString/wp-login.php
Master Auth Function
MASTER_AUTH_FUNCTION
User-defined function for performing real password check, necessary for REST API (including iOS client)Hiddenwordpress_remote_auth
Exit Action *
LOGOUT_ACTION
Choose the action performed when the user wants to quit Pydio : either trigger a Joomla! logout, or simply go back to the main page.Select (logout, back)back

cms
Hiddenjoomla
Joomla! URL *
MASTER_URL
Full path to Joomla! installation, either in the form of http://localhost/joomla/ or simply /joomla/String
Home node *
LOGIN_URI
Main page of your Joomla! installation that contains a login form. When not logged, accessing Pydio will redirect to this page. It's also used for the API calls for logging in a user from within Pydio. Make sure it does contain a login form!String/
Master Auth Function
MASTER_AUTH_FUNCTION
User-defined function for performing real password check, necessary for REST API (including iOS client)Hiddenjoomla_remote_auth
Auth Form ID
MASTER_AUTH_FORM_ID
The HTML ID of the form tag displayed for login on the page defined previously. Not necessary for WP, login-form by default for Joomla, and user-login-form for DrupalStringlogin-form
Exit Action *
LOGOUT_ACTION
Choose the action performed when the user wants to quit Pydio : either trigger a Joomla! logout, or simply go back to the main page.Hiddenback

cms
Hiddendrupal
Drupal URL *
MASTER_URL
Full path to Drupal installation, either in the form of http://localhost/drupal/ or simply /drupal/String
Login URL *
LOGIN_URI
Main page of your Drupal installation that contains a login form. When not logged, accessing Pydio will redirect to this page. It's also used for the API calls for logging in a user from within Pydio. Make sure it does contain a login form.String

MASTER_AUTH_FUNCTION
Hiddendrupal_remote_auth
Auth Form ID
MASTER_AUTH_FORM_ID
The HTML ID of the form tag displayed for login on the page defined previously. Not necessary for WP, login-form by default for Joomla, and user-login-form for DrupalStringuser-login-form
Exit Action *
LOGOUT_ACTION
Choose the action performed when the user wants to quit Pydio : either trigger a Joomla! logout, or simply go back to the main page.Select (logout, back)back

cms
Hiddencustom
Login URL *
LOGIN_URL
When not in slave mode, AJXP calls the given URL as URL?name=XXX&pass=XXX&key=XXX. Else it redirect to the given URLString
Logout URL
LOGOUT_URL
Redirect to the given URL on loggin outString
Custom Auth Function *
MASTER_AUTH_FUNCTION
User-defined function for performing real password check, necessary for REST API (including iOS client). Add this function inside the plugin cms_auth_functions.php fileString
Auth Driver Commons
Auto Create User
AUTOCREATE_AJXPUSER
When set to true, the user object is created automatically if the authentication succeed. Used by remote authentication systems.Booleanfalse
Login Redirect
LOGIN_REDIRECT
If set to a given URL, the login action will not trigger the display of login screen but redirect to this URL.String
Administrator Login
AJXP_ADMIN_LOGIN
For exotic auth drivers, an user ID that must be considered as admin by default.String
Auto apply role
AUTO_APPLY_ROLE
For multiple authentication, apply this role to users authenticated via this driverString