| Authentication Integration [message #34054] |
Tue, 03 October 2006 12:32  |
pgregg
Messages: 14
Registered: July 2006
Karma: 0
|
Junior Member |
|
|
Is it possible to have FUDforum authenticate via Active Directory (LDAP) for usernames and passwords? I'm also interested in having AD manage the Groups list - have some sort of AD sync?
Also, as well as permissions for what you can *do* - can group permissions resolve what you can *read* ? For example, Say I want to build a Knowledge Base, with a moderation workflow, via Forum posts (which I do). I know it will be trivial to control who can post there, but I want those posts to have a status of e.g. "Unreviewed", "Internal", "Verified", "Public", "Partner", etc, and to use a user's group permission to control whether they can see that post.
I know I'd probably have to write a custom search for it - but that doesn't worry me.
I am looking for alternatives to our existing support forum(s) [I inherited it - Java based, pita  ], but this time I would like to do something integrated with the normal management of the employees (1,000s) and make it simpler to deliver content to registered users (~500k).
Thanks,
Paul.
|
|
|
|
| Re: Authentication Integration [message #34055 is a reply to message #34054] |
Tue, 03 October 2006 14:37  |
Ilia
Messages: 13241
Registered: January 2002
Karma: 0
|
Senior Member
Administrator
Core Developer |
|
|
Simple answer is yes.
Here is a more detailed one.
FUDforum provides a login API you can find in the scripts directory. You can use this API to create a "login wrapper" that would supersede the native authentication system. The wrapper would use LDAP to identify the user and then, fetch their forum id via the API and using the ID create a user a valid session.
FUDforum Core Developer
|
|
|
|
| Re: Authentication Integration [message #34067 is a reply to message #34054] |
Tue, 03 October 2006 18:47 |
Ernesto
Messages: 413
Registered: August 2005
Karma: 0
|
Senior Member |
|
|
| pgregg wrote on Tue, 03 October 2006 08:32 |
Also, as well as permissions for what you can *do* - can group permissions resolve what you can *read* ? For example, Say I want to build a Knowledge Base, with a moderation workflow, via Forum posts (which I do). I know it will be trivial to control who can post there, but I want those posts to have a status of e.g. "Unreviewed", "Internal", "Verified", "Public", "Partner", etc, and to use a user's group permission to control whether they can see that post.
I know I'd probably have to write a custom search for it - but that doesn't worry me.
|
You cannot control a posts status right of the bat, you would have to create different forums/categories (subforums) for that. However, you have full control of a user, or a usergroup on which forum or category they can read, see that it exists, post, edit, delete, etc etc.
But come to think of it, I do not think it should be all too hard to add a column in the database to add a flag with a "Security level" to the post and then tie it to the permission system.
Ginnunga Gaming
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]