Can Modx setup to use authentication from other site?

Can Modx setup to use authentication from other site?

I have a wild idea whether Modx can be use to get user login from other site or packages.

Another word if I want to integrate Modx to my existing site using Mambo user database, so can I get user validation from Mambo and then display the page accordingly?

If it is possible then I would be able to piece by piece replace Mambo functionalities with Modx modules or snippet then eventually the whole site.

Thanks in advance

Sure you can. Have a look at the OnManagerAuthentication event:

The OnManagerAuthentication fires before authenticating user’s password. The $savedpassword parameter contains the password stored inside the database. Returning the value TRUE (e.g. $e->output(TRUE)) will indicate that authentication was successful.

For example, create a plugin that listens to this event:

// Event switch
switch($e->name) {
case "OnManagerAuthentication ":
// add code here to connect to Mambo system
// and use $username and $userpassword variables to authenticate the login
// you might want to use an existing modx account as an alias for the user login
// if($success) $e->output(TRUE);
break;
}

See also OnWebAuthentication event

Another way to do this is to use the OnBeforeManagerLogin event. This will allow you to use an existing modx account as an alias to simulate mambo user login.

Using Modx user as an alias would be good for post migration to access some old document in Mambo or others CMS but to start the migration it would be best to use others CMS users table to do the authenticate and Modx should only care whether the user is authenticated or not in the begining without taking advantage of Modx permission and role during the migration from any CMS.

I see a lot of people asking question like these:
. How do I integrate this CMS with this CMS?
. What if I don’t want to use the permission feature in this CMS but use the others?
. How do I mirgate from this CMS to ths CMS?
. How do I integrate this CMS to a forum like phpBB as a frontend?
etc...

The one thing to bear in mind is that MODx requires the user permissions to be set before it allows them to access the various parts of the manager. If these permissions are not set then the system will not allow the user access to the secured sections of the manager.

If you should try to overide the permissions then we have no way of telling who is allowed to do what. That’s why I think having an alias account with the proper permissions enabled can be used as means for grouping your Mambo users.

A Mambo Connector plugin can be used to authenticate Mambo users and mapping those user accounts to an existing manager account. These MODx accounts are used as an alias to Mambo users to provide things like role and group assignments. In other words you can use one manager account with multiple Mambo user accounts.

example:

Mambo User MODx User
-------------------------------
Mary -> MamboUserDemo1
Tom -> MamboUserDemo1
Kim -> MamboUserDemo1
Jane -> MamboUserDemo2
Paul -> MamboUserDemo2

Whenever Mary, Tom or Kim logs into the manager they will have the same access rights as that of the MamboUserDemo1 account while Jane and Paul will have the access rights as that of MamboUserDemo2.

The only problem here is that you’ll not be able to track who did what inside the Audit trail, because the system will not show the Mambo user (Mary) but the MODx user name (MamboUserDemo1).

Raymond,

That is properly a good way to do it during the migration process. And the finally cut over would be a snippet or something to import Mambo user table over to Modx so that the user don’t have to register again.

I did this when I migrate from PHP-Nuke to PHPWebSite and then from PHPWebSite to Mambo. We preserve all user login and password. It was painless to our users and they loved it!

One other thing is the password in Modx use MD5?
Will I be able to import password from Mambo or others CMS that use MD5 into Modx?
Is there an API call that let me easily do the importing of user login and password into Modx?

Thanks

Hi Chanh,

Would you believe me if I told you that we did something similar for SMF forums?

The beauty about that system was that you could import SMF users directly into MODx with requiring any change to the user’s password. The catch with SMF is that it didn’t use pure MD5 as did MODx so we had to setup trap the OnWebAuthentification event to authenticate the SMF users before MODx did.

Using the SMF example you will be able to create a user authentification plugin to intercept user logins for imported users. This means that you can import users from Mambo, SMF, etc and then have the various plugins authenticate the user.

You can download the SMF module here:
http://modxcms.com/forums/index.php/topic,549.msg3068.html#msg3068

Raymond,

I will take a look!

Thanks

Just a thought : did you think about the OpenID alternative ?

I am no coder, just throwing ideas there...

FYI, I have some plans I need to sketch up for everyone regarding future identity management and how we can make this one of the best federated user systems available, basically by allowing users to add their own custom providers (mutable or immutable) for four key aspects of the identity problem: credentials, permissions, profiles, and management. For now, this old, outdated J2EE version of the idea is sketched out here -- http://www.opensymphony.com/osuser/index.html -- I’ve actually worked with a proprietary implementation similar to this and the ability to chain together providers for each aspect of identity was incredible (NOTE: the bridges aren’t that applicable in the PHP world; in J2EE, the application server had container-managed authentication and user management built-in and portability from one app server implementation to the next required these different bridges). MODx could become a web application integration system, and all the various identity standards that are emerging could be easily adopted (e.g. SAML and other parts of the OpenID approaches).

Quote from: OpenGeek at Nov 10, 2005, 08:53 PM

(...)MODx could become a web application integration system, and all the various identity standards that are emerging could be easily adopted (e.g. SAML and other parts of the OpenID approaches).

This is a very exciting thought ! I’ve been waiting for a long time for something to happen in that area... Integrating different tools is usually such a pain I have been wondering for quite some time now why there is no open standard for authentification and identity management. Thought OpenID was "it" but I am not qualified to make an assessment of this tool. I’ll be following up on this, most definitely