Difference between revisions of "Freeside:4:Documentation:Developer:Authentication Plugins"
(Created page with "= Purpose = Authentication plugins are useful for integration with external authentication (and, optionally, authorization) systems. = Creation = To create an authentication p…") |
(→Creation) |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= Purpose = | = Purpose = | ||
| − | Authentication plugins are useful for integration with external authentication (and, optionally, authorization) systems. | + | Authentication plugins are useful for integration with external authentication (and, optionally, authorization) systems, to integrate backoffice logins with your company-wide directory or single-sign-on. |
= Creation = | = Creation = | ||
| Line 7: | Line 7: | ||
To create an authentication plugin, add a module in FS/FS/Auth/ such as FS/FS/Auth/my_external_auth.pm | To create an authentication plugin, add a module in FS/FS/Auth/ such as FS/FS/Auth/my_external_auth.pm | ||
| − | Inherit from FS::Auth::external. One method needs to be provided, " | + | Inherit from FS::Auth::external. One method needs to be provided, "authenticate". See the template below for an example. |
= Activation = | = Activation = | ||
| − | Set the authentication_module configuration setting to the name of your plugin (for now: either manually in the database, or by adding it to the options for authentication_module in FS/FS/Conf.pm) | + | Set the authentication_module configuration setting to the name of your plugin (for now: either manually in the database, or by adding it to the options for authentication_module in FS/FS/Conf.pm). |
| + | |||
| + | Optionally, set the external_auth-access_group-template_user configuration setting to the username of a template user. Access groups will be copied from the template user. (A different template user can also be supplied by your plugin, overriding this default.) | ||
= Template = | = Template = | ||
| Line 61: | Line 63: | ||
my($self, $username, $check_password, $info ) = @_; | my($self, $username, $check_password, $info ) = @_; | ||
| − | if ( $username =~ /^joe(.*)$/ ) { | + | if ( $username =~ /^joe(.*)$/ ) { |
$info->{'first'} = 'Joe'; | $info->{'first'} = 'Joe'; | ||
$info->{'last'} = $1; | $info->{'last'} = $1; | ||
Latest revision as of 11:58, 13 May 2013
Contents
Purpose
Authentication plugins are useful for integration with external authentication (and, optionally, authorization) systems, to integrate backoffice logins with your company-wide directory or single-sign-on.
Creation
To create an authentication plugin, add a module in FS/FS/Auth/ such as FS/FS/Auth/my_external_auth.pm
Inherit from FS::Auth::external. One method needs to be provided, "authenticate". See the template below for an example.
Activation
Set the authentication_module configuration setting to the name of your plugin (for now: either manually in the database, or by adding it to the options for authentication_module in FS/FS/Conf.pm).
Optionally, set the external_auth-access_group-template_user configuration setting to the username of a template user. Access groups will be copied from the template user. (A different template user can also be supplied by your plugin, overriding this default.)
Template
Here is a template for authentication plugins:
package FS::Auth::my_external_auth;
use base qw( FS::Auth::external ); #need to inherit from ::external
use strict;
sub authenticate {
my($self, $username, $check_password, $info ) = @_;
#your magic happens here
if ( $auth_good ) {
#optionally return a real name
#$info->{'first'} = "Jean";
#$info->{'last'} = "D'eau";
#optionally return a template username to copy access groups from that user
#$info->{'template_user'} = 'username';
return 1;
} else {
return 0;
}
}
1;
Example
Here is an example plugin which authenticates anyone with a username starting with "joe":
package FS::Auth::onlyjoe;
use base qw( FS::Auth::external ); #need to inherit from ::external
use strict;
sub authenticate {
my($self, $username, $check_password, $info ) = @_;
if ( $username =~ /^joe(.*)$/ ) {
$info->{'first'} = 'Joe';
$info->{'last'} = $1;
$info->{'template_user'} = 'ivan';
return 1;
} else {
return 0;
}
}
1;
