Connecting through Zend-Auth to TikiWiki
This is an old revision of the document!
This document is exploratory, not authoritative. It likely contains errors, which as the document is on a wiki, you are invited to help fix.
http://framework.zend.com/manual/en/zend.auth.html details the Zend-Auth mechanism. As Magento is based on Zend, it is believed that Magento can authenticate through the Zend-Auth system to backend authentication schemes such as Central Authentication System (CAS) http://www.ja-sig.org/products/cas/
CAS is supported by many other platforms such as TikiWiki.
- Magento → Zend-Auth → TikiWiki (within one domain)
- Magento → Zend-Auth → CAS → TikiWiki (cross domain)
- Magento → Zend-Auth → PEARCAS → CAS → TikiWiki (cross domain)
- Magento → Zend-Auth → PhpCAS → CAS → TikiWiki (cross domain)
Magento uses Zend as a platform. It is assumed that if something can authenticate with Zend then it will be able to also authenticate to Magento.
It appears that Zend and TikiWiki may be able to share backend authentication information even without CAS. In this configuration, however, the multiple sites would have to share a domain name.
http://framework.zend.com/wiki/display/ZFPROP/Zend_Auth_Adapter_Cas outlines a CAS authenticator for Zend. It appears, however, that this has not progressed beyond Proposal, its first milestone: # Milestone 1: is “DONE” Initial proposal published for review. Not marked as done: a working prototype, unit tests, etc.
According to that page, the code is nowhere near complete. Given it’s age (March 2008, almost a year ago), and no further updates, it appears that this has not been worked on since.
Further, there is no component listed for CAS in the Zend Framework wiki: http://framework.zend.com/issues/browse/ZF - unlike Zend_Auth_Adapter_OpenID and Zend_Auth_Adapter_Ldap
- “I’m currently using the PEAR CAS library, but having CAS integrated into ZF would be great!” http://framework.zend.com/wiki/display/ZFPROP/Zend_Auth_Adapter_Cas?focusedCommentId=8947291#comment-8947291
Henry Umansky made a http://framework.zend.com/wiki/display/ZFPROP/Zend_Auth_CAS+Proposal and tells me in an email that he has been using phpCAS (http://www.ja-sig.org/wiki/display/CASC/phpCAS)
“I’d be happy to share the (phpCAS→Zend) adapter code if you are interested. I would love to continue the Zend Cas proposal by converting the code from phpCAS to Zend_Auth_Adapter_Cas. "
He shared a link to his server, noting that “We are still under development, but if you click the “Login” link, you’ll notice it redirects to our CAS server.”
For a proof of concept we need to show Magento authenticating against CAS. We can then propose to the client that tidier code would be more robust and maintainable and offer to pull phpCAS code into Zend.
I’ve asked Henry for a copy of his code.
To investigate we will begin by looking for authentication information stored in Magento.
“Authentication is driven by the Adapter in use, and performed by a quick call to the singleton (there can only be one such object globally) Zend_Auth instance.”
http://www.magentocommerce.com/boards/viewreply/32657/ shows how to write an override for Radius.
http://doc.tikiwiki.org/tiki-index.php?page=Mod%20phpcas&structure=Documentation has the method to get Tiki to authenticate against CAS.
Install from http://.../tiki-mods.php?focus=features-phpcas
and follow http://doc.tikiwiki.org/tiki-index.php?page=Mod+phpcas&bl=y in particular noting that the package is broken http://dev.tikiwiki.org/tiki-view_tracker_item.php?itemId=1229&trackerId=5
- “Magento have their own framework wrapped around Zend called Mage” http://forums.devnetwork.net/viewtopic.php?f=19&t=85055
- http://www.magentocommerce.com/boards/viewthread/8941/ - Howto override “authenticate” method in app/code/core/Mage/Admin/Model/User.php
- http://www.magentocommerce.com/boards/viewthread/9915/P45/#t102307 - Joomla /WordPress/ Drupal integration