Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

Custom Authentication Process


Go to End


5 Posts   3016 Views

Avatar
MKayHavoc

Community Member, 33 Posts

26 September 2008 at 12:55am

Hi,

I'm using the PEAR Auth package to authenticate against LDAP and tie down my entire site, make it authentication only.

I've added the code into Page_Controller function init() and it's working and I can authenticate. However once authenticated I end up at sapphire/main.php instead of the page I was trying to visit. How can I make this work properly?

Avatar
Ingo

Forum Moderator, 801 Posts

27 September 2008 at 12:45am

Avatar
MKayHavoc

Community Member, 33 Posts

30 September 2008 at 9:24pm

I'm already using the LDAP extension for the CMS. What I'm wanting to do is lock down the entire site. Requiring authentication to view it.

Avatar
Hamish

Community Member, 712 Posts

30 September 2008 at 11:10pm

Ah, in the controller for Page, you'll need to add a line that checks for the view permission

eg:

function init() {
    if(!Permission::check("VIEW_SITE")) Security::permissionFailure();
  }

However, you'll need to make sure that users can use the login page! Eg, check to make sure the user is not trying to access the security login page - if not, apply the code above.

This will make sure that the user must be logged in to view any page except the login page.

Avatar
MKayHavoc

Community Member, 33 Posts

30 September 2008 at 11:27pm

That bit of code gives me a Redirect Loop error.

Basically all i'm trying to do is add in a bit of Authentication code that is run on each page load to make sure a session is present. The code runs and I can authenticate but it then redirects me to /sapphire/main.php instead of the page I was trying to go to before authenticating.

The code is using the Auth PEAR package and my own custom login form.

I'm just trying to figure out why it's not remembering what page I was trying to get to and sending me to main.php...?