[Sommaire] [Imprimer]

   1  
   2                      CLAROLINE EXTERNAL AUTHENTICATION SYSTEM
   3  
   4  Preliminary Note. This document doens't treat external authentication with CAS.
   5  
   6  This system allows Claroline to rely on external system concerning 
   7  authentication and user profile management. It is based on a collection of 
   8  authentication drivers stored inside the Claroline/auth/extauth/drivers 
   9  directory.
  10  
  11  These drivers can be loaded by the Claroline kernel when a user attempt to log 
  12  on the platform.
  13  
  14  To use one of these drivers
  15  
  16  1. Open the concerned driver into a text editor and adapt the parameters to your 
  17  own context.
  18  
  19  2. Uncomment the concerned line in the main Claroline configuration file 
  20  (claroline/inc/conf/auth.conf.php)
  21  
  22  
  23                                   HOW IT WORKS ?
  24  
  25  These drivers can be called by the Claroline authentication system in two 
  26  circumstances.
  27  
  28  1. When a user has never logged to the platform beforehand, ant try to log in to 
  29  Claroline for the first time. No record concerning this user are found into the 
  30  Claroline system, so it attempts to look for this user on the external 
  31  authentication systems list specified by its configuration file. When it founds 
  32  it, Claroline duplicates the user profile into its own user table, stating that 
  33  it comes for this specific external authentication system.
  34  
  35      The driver treating this case is called by the Claroline Kernel by line like 
  36      this below into the Claroline configuration file.
  37  
  38      $extAuthSource['authSourceName']['newUser'] = "path/file";
  39  
  40  2. When a user log to the platform next time. A record concerning this user is 
  41  already stored into the Claroline system. From this record Claroline is able to 
  42  know from where does this user profile comes. And it try to connect to the 
  43  concerned external authentication system to check if this user account is still 
  44  allowed to connect with this password. It also takes the occasion to update from 
  45  the external authentication system the user data stored into the Claroline 
  46  system.
  47  
  48      The driver treating this case is called by the Claroline Kernel by line like 
  49      this below into the Claroline configuration file.
  50  
  51      $extAuthSource['authSourceName']['login'  ] = "path/file";
  52  
  53  
  54                                  DRIVER SETTINGS
  55  
  56  Each Claroline driver sets 5 parameters.
  57  
  58  - $authSourceName : set the identity of the external authentication source 
  59  
  60      example : $authSourceName = 'phpnuke';
  61  
  62  - $authSourceType : set the technical type of the of the external authentication 
  63    source
  64  
  65      example : $authSourceName = 'DB';
  66  
  67  - $extAuthOptionList : set the parameters needed to connect to the external 
  68    authentication source and the field to to retrieve in it.
  69  
  70      example : $extAuthOptionList = array(
  71  
  72                      'url'      => 'ldap://server_address',
  73                      'port'     => '636',
  74                      'basedn'   => 'ou=personne,o=your organisation unit,c=domaine',
  75                      'userattr' => 'uid',
  76                      'useroc'   => 'person',
  77                      'attributes' => array('sn', 'givenName', 'telephoneNumber','mail'),
  78  
  79                  );
  80  
  81  - $extAuthAttribNameList : set how the data retrieved from the external 
  82    authentication source matches the Claroline data structure. The keys are the 
  83    Claroline attributes and the value are the authentication external attributes.    
  84  
  85      example : $extAuthAttribNameList = array (
  86  
  87                      'lastname'     => 'sn',
  88                      'firstname'    => 'givenName',
  89                      'email'        => 'mail',
  90                      'phoneNumber'  => 'telephoneNumber',
  91                      'authSource'   => 'ldap'
  92  
  93                  );
  94  
  95  - $extAuthAttribTreatmentList : set any optional preliminary treatment to the 
  96    data retrieved from the external authentication source before committing it into 
  97    Claroline. The keys are the concerned Claroline attribute, and the values are 
  98    the name of the function which make the treatment. You can use standard PHP 
  99    function or functions defined by your own.
 100  
 101          $extAuthAttribTreatmentList = array (
 102  
 103                  'lastname'     => 'utf8_decode',
 104                  'firstname'    => 'utf8_decode',
 105                  'loginName'    => 'utf8_decode',
 106                  'email'        => 'utf8_decode',
 107                  'officialCode' => 'utf8_decode',
 108                  'phoneNumber'  => 'utf8_decode',
 109                  'status'       => 'treat_status_from_extauth_to_claroline'
 110  
 111          );
 112  
 113  
 114  Hugues Peeters
 115  peeters@ipm.ucl.ac.be