Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

Login Form


Go to End


5 Posts   3486 Views

Avatar
cclingen

Community Member, 4 Posts

8 July 2008 at 6:34am

To be or not to be, that's the question :)

I'm trying to develop a site using SilverStripe and I've ran into a wall. I want to use permissions to manage access to pages. I've created a template that has a login and password field on left gutter - Think of the Terrafirma template. These fields appear if your not logged in. As you can guess, I don't want the standard Silverstripe login page to appear when attempting to access a restricted page.

I've though of unregistering the authenticators via Authenticator::unregister_authenticator but that method does not exist in Silverstripe 2.2.2. My plan was to unregister all of the authenticators (MemberAuthenticator, OpenIDAuthenticator and ExternalAuthenticator - Used for LDAP/AD). Next, create a new class the extends ExternalAuthenticator but does not have a function get_login_form.

Any ideas how to accomplish this? Am I heading down the right path?

Thanks in advance,

- Chris

Avatar
cclingen

Community Member, 4 Posts

8 July 2008 at 8:05am

The first problem I've ran into is the auth_external\code\ExternalAuthenticator.php line 323 needs to be changed from:

public static function authenticate(array $RAW_data, Form $form = null) {

to:

public static function authenticate($RAW_data, Form $form = null) {

This has been posted on the forums before but has not made it to the GA release of the auth_external module.

- Chris

Avatar
Willr

Forum Moderator, 5523 Posts

8 July 2008 at 10:01am

You might like to check that there isnt a existing ticket for this on open.silverstripe and if there isnt make a ticket and submit this as a patch for it. That way it will make its way into the core and the dev team and keep track of it

Avatar
cclingen

Community Member, 4 Posts

8 July 2008 at 10:54am

Edited: 08/07/2008 11:09am

I came up with a way to get the login form to work but I'm not happy with hacking core code. I edited the saphire/security/Security.php and commented out the login function and replaced it with:

public function login() {
Director::redirect($Homepage);
}

I'd love a method to disable the login form from being presented.

I next tried to do this without editing core code. The only way I could figure out how to do it was by creating a custom class CustomContentController that extended Controller. I then copied over all of the code from the original ContentController. I did this as ContentController's init function calls parent. If I extended the ContentController and overloaded the init function, I was not sure how to call the init function of Controller but skip calling ContentController. I.E. parent::parent::init() I only needed to change the following line in the init function:

Security::permissionFailure($this);

This would allow me to choose how to handle security. I would then create a custom class that extends from Security and overload the login function. As you can guess, making the one change above was easier but not the right answer in the long run.

Any ideas/suggestions would be greatly appreciated. I've been digging around in the code for almost a week to figure this one out.

Thanks,

- Chris

Avatar
cclingen

Community Member, 4 Posts

8 July 2008 at 1:01pm

Hi WillR,

I checked open.silverstripe.com and did indeed find a ticket open for the auth_external bug. Here's the link http://open.silverstripe.com/ticket/2536

Thanks for pointing me to your bug tracking system.

- Chris