Best way to hook Virtualmin login to system?

5 posts / 0 new
Last post
#1 Wed, 03/25/2009 - 18:34
sfatula

Best way to hook Virtualmin login to system?

If I have another open source system which requires one to login to access it's features and...

I want a Virtualman user to be able to go from Virtualmin to the external system, and, link them in such a a manner as to not require another login.....

What is the best way to link the two systems? [ul] [li]Is there a way to populate the other systems database with all Virtualmin users and passwords as they are created? Doc?[/li] [li]Is there a way to use the logged in Virtualmin user and simply pass the user and password to the other system? Perhap via "custom links" and virtualmin variables somehow?[/li] [li]Is there a way to somehow access the virtualmin user authentication database from another system? Doc?[/li] [/ul]

I want a user that is logged into Virtualmin to click on say a custom link, and, be logged into the external system to do whatever the external system does. I can handle programming the external system, but need a mechanism to do so.[color=#825900][/color]

Thu, 03/26/2009 - 07:55
ronald
ronald's picture

if you make a custom link to that site and add /session_login.cgi?user=username&pass=userpass
would that work?

Sun, 03/29/2009 - 20:41 (Reply to #2)
sfatula

Yes, I found the users and groups in webmin. But, if you check the after script environment, it's just the unix username and password, I need the email address. So, somehow, have to get from unix user to email address. I guess one then has to do some lookups in some virtualmin files to extract this??

I REALLY wish there was a simple way of capturing ALL users added, changed, or deleted with all data for them.

Thu, 03/26/2009 - 23:15
Joe
Joe's picture

Good question. Sharing sessions is always harder than it should be. Sharing the actual user logins is probably a possibility...PAM is pretty widely supported by most scripting languages, and so, if your app supports authentication via PAM, that would allow the same passwords (but not without logging in again). Though if you're going that route you could write a script to update any type of password and call it with the commands to run before/after making changes to a user (found in Webmin->System->Users and Groups->Module Config). Doc:

http://doxfer.com/Webmin/UsersAndGroups#Before_and_after_commands

Virtualmin also has before/after commands for virtual server modifications.

Sharing a session or providing a link that logs users in...As ronald suggested, a custom link might do the trick, but I'm not sure exactly how. I dunno if Custom Links in Webmin would have access to the username and password. I'm actually kinda wishing for that capability myself. Our reseller system runs under Webmin, while our new website is running Drupal. It'd be nifty to be able to drop users into the reseller system without having to login to a different account. Then again, it might be easier to simply rewrite the customer facing portion of the reseller system to run under Drupal and tie into the same database. ;-)

What I'm saying is: I don't actually know how to share a session with Webmin. Sharing the user data is easy, though, via before/after commands.

--

Check out the forum guidelines!

Thu, 06/25/2009 - 04:09
deserted

theres a couple of ways you could achieve this

1 would be to store a variable that associates your webmin/virtualmin user with the login details for the second system - from here you would need to dig through the second app, find what script processes the logins, look at what variables are posted to it and replicate that in a form users can submit on virtualmin/webmin

a quick example is below, using webmin/vmins ui-lib functions

print ui_form_start("http://your.dest.url/process_login.php", 'post', '_blank');
print ui_hidden("USERNAME", "$server{'username'}");
print ui_hidden("PASSWORD", $server{'password'});
print ui_form_end([[ "submit", "Submit" ]]);

I actually use something similar to link to an external app in one of the modules I'm working on, so if you decide to go this way and get stuck, feel free to chase up some assisstance :)

Another option, which would involve a lot more work, would be to implement openID in both apps, depends of course on whether you feel like coding this, or if there are modules available for this on both apps - this would give the added advantage of 2-way authentication sharing, rather then only going outwards from virtualmin/webmin.

If Joe sees this again, I'd have to suggest the second as an option for them, being drupal has very solid openID modules.

Topic locked