I'm developing a new Drupal site and was hoping to use Disqus for the comments. I have Single Sign-On configured, however I don't see any way of using it exclusively. Meaning, disable sign in with regular Disqus accounts, Facebook, Twitter, and Google, so that only users that have signed up through my site can use it. This is the way IGN.com does it, for obvious reasons, and it seems to work just fine.
I'm trying to create a unified community of users with unique names, and that doesn't really work when anyone can just log in with their Facebook and use whatever name they want. Then there can be a hundred people with duplicate names and the account they're commenting with won't have any ties to my site.
IGN uses a product that is no longer offered by Disqus, and there's no way to restrict the login options to SSO-only.
You might be interested in using AudienceSync, which replaces this. You can read about it and request to use it here: http://help.disqus.com/customer/portal/articles/1104796-single-sign-on-audiencesync
Related
I have an application where I'd been asked to support Google sign-in. Something we've tried to do since the beginning was not require javascript for any important functions. Is it possible to perform Google Sign-in without requiring Javascript?
I've read some of the guides such as https://developers.google.com/identity/sign-in/web/sign-in and https://developers.google.com/identity/sign-in/web/backend-auth, but they all seem to have a javascript component involved.
For example, can we use only links and redirects, etc. to accomplish a Google-based authentication, along with some server-side verification?
I think what you want to do is described in the OAuth 2.0 for Server-side Web Apps documentation. Several of the sections in that doc have tabs with language specific examples and there is also an HTTP/REST tab that shows how to generically use Google's OAuth URls.
You will also want to follow Google's sign-in branding guidelines.
I've been looking for the same thing. I'm sick of popups and I don't want them in my site. It seems like there should be a way to just link to a Google page, then redirect the user back to my site. However there doesn't seem to be any documentation about how to do that.
I also agree that it shouldn't matter what programming language is being used. Google doesn't need to know that. All we need is a URI to send the user to, and some way to indicate where the user should be redirected back to.
We are currently trying to use Concrete5 to create an internal Intranet for the company I work for (this is a web-based server). What we would like to do is allow our employees to sign in using their Gmail and be able to see their personal calendars amongst other things on sign in.
I would like the employees to just sign in once, get automatically asked for granting permissions during the login, and then be taken to the home page.
I'm having trouble figure out how to modify Concrete5's built-in Google login to request these scopes. I am pretty bare-bones in my PHP knowledge and no amount of Google searching has really answered my question specifically for modifying the authentication for Concrete5.
So to sum up my question:
How would someone go about modifying Concrete5's Google authentication to request additional permissions? We are using 5.8.3 and are always updating as necessary, so modifying the core is not really an option to prevent overwrites in the future.
The best way to do that would be to copy the core Google login system to create a new one. You could call it Google Custom or anything you want. You could include it in the folder application/authentication or in a package, with the appropriate modifications.
But to be honest, if you're bare-bones in your PHP knowledge, it all might be a bit too difficult to achieve
I am building a web consisting of MediaWiki and phpBB as its subcomponents. Also WordPress may be added in future. My current problem is to choose a single unified authentication method (not to force users to have a special MediaWiki account, a special phpBB account, etc.).
Which approach would you recommend me? The basic limitation is that it is a simple LAMP server (no LDAP database). Possibilities I know about:
Use a decentralized protocol such as OpenID, OAuth 2.0, etc. I would prefer this approach. However, OpenID is not supported by Google any more so OAuth 2.0 would be probably more appropriate.
Use DB of users from phpBB and install some plugin to other subcomponents (MediaWiki extension for phpBB auth.)
Use DB of users from MediaWiki and install some plugin to phpBB.
Use some specialized web application for user credentials management and install plugins both to MediaWiki and phpBB.
I think the main point you already understand: You need one of your new platforms to be the central user store. The problem you know have to find out:
What platform has the plugins to interact with each other? It's possible, that you find plugins, that only works "in one direction", and for mediawiki itself you will find a log of outdated extensions, that maybe won't work anymore with the latest mediawiki versions and updates.
The other point is, that you should think about WordPress now, too. After you selected one central user store you mostly can't change it with a lot of work, so I would check for an integration of WordPress now, too.
Looking at that and a short search i wouldn't prefer MediaWiki to be the central user storage, and i'm not sure, if phpBB is the best solution, too :/
I think one of the best would be to use LDAP, extensions and plugins seems to be supported and working for the latest versions of each software. You yould have a central user store, which could be easily integrated in other applications, too. What is the reason you can't use it, an LAMP stack could handle this, too?
The second solution i would consider to choose is to use Google's user store and access it vi OAuth 2.0. MediaWiki, phpBB and WordPress supports this with plugins and/or extensions.
At the end of the day a login is a login is a login. All the custom fields specific to individual applications can be properly bridged with plug-ins. Make the app that will require the most babysitting your main database and thus login system. In many cases it's the forum, but that really varies by site.
I would caution that many new forum admins eventually want to upgrade from phpBB to something that's more powerful and modern. I was one of those admins. Yes, phpBB is as good as an open-source forum gets, but it just doesn't compete with the commercial forum apps. So keep that in mind if you make phpBB your main database.
I am developing a site in Wordpress that offers functionality and content to companies.
Each company will have hundreds of users. All users of all companies get the same content.
However, the main header changes (it needs to include the companies own logo). They also will have their own sub-domain, at least fo the login page, preferably for all pages.
The content will change regularly, so I would prefer having only one copy of that.
So the requirements are:
Same content for all users at same relative url
Different header based on group of current user
Different base url per group
forwarding of user to the correct base url if they login under a wrong one
What is the best way to implement this?
Straight WP with a sub-theme that deals with the header. Mod-rewrite to deal with the urls
WP-MultiSite (how would the same content under different base urls work here?)
Several copies of the site and somehow sync the content (how would I do the sync?)
Use a different CMS
Which of these is the most future proof way to go, assuming I might have to deal with thousands of companies each with hundreds to thousands of users.
Also, If there is an easier way because I missed something in my research like an existing plugin, that would be great too.
Thanks for your help.
I would say that such a thing depends on a lot more than these requirements. For instance, how granular would you like to have your user management? And how much are the users allowed to do on the different groups? Is unique information allowed on the different domains, or is all the information shared?
Based on the information you are providing, I think youy would be best off using the multisite version of wordpress. You then could use a broadcast plugin to share the information on all sites, and create a template site from which to create new sites (using the NS cloner plugin for instance).
There are of course some problems with this approach, for instance search engine optimisation. You will get a lot of duplicate content that will hurt the google ranking of the individual sites.
It would also be possible to do this using a single site install, but then you'll run into problems with the multiple domain structure. It can be done, but the available caching plugins will not support it (at least not that I know off), whereas a multisite environment is supported out of the box. It is also more difficult to keep users from posting on different domains, as they are using a single install. A multisite environment also has as shared user base, but they can be added or removed from the different sites at will.
Using a multisite environment would also allow you greater flexibility template-wise.
Is there a serviss or plugin (better service), that can use it in this way:
First, if a am guest, then i can use twiter, facebook, etc, commenting, but if i log in on site with local user, then i have only post comment with my user. (all comments need one system, not spliting on local and service)
Also in plugin need existing username protection.
I tray this: intensedebate.com but dont have local user implations on plugin.
Also in servise or system need comments integration in exsisting wordpress system.
One word say: defolt wordpress commenting features with soc commenting system.
Better i need use some of commenting servisies, becouse i also use phpbbwp bridge plugin, that make wordpresss users intro phpbb3 and reverse.
Is there any good solution, for my advanced system?
There are two options - use a plugin or implement Facebook/Twitter/etc auth manually. If you want the easy way - try one of these plugins:
http://wordpress.org/extend/plugins/rpx/
http://wordpress.org/extend/plugins/social/
They both allow users to register/login via social network accounts as well as some more handy features. Hope this helps.
These two are the best, and fulfill your requirements:
http://wordpress.org/extend/plugins/intensedebate/
http://wordpress.org/extend/plugins/disqus-comment-system/