Gallery3:Modules:pam - Gallery Codex
Personal tools

Gallery3:Modules:pam

From Gallery Codex

pam

Allows users to login by using external authentication methods.

Note: I chose not to use the existing LDAP module because it did not allow me to use both local Gallery accounts along with the LDAP accounts.

This module replaces the default login link on the user_menu_login. This works for the ajax login but to use the html you need to go to /pam ... I do not know enough about kohana to know how to use the /login url without removing the gallery/controller/login.php file.

INSTALLATION

Copy the pam folder to the gallery3 modules folder.

CONFIGURATION

  • Add plugins to the plugin folder to enable alternative authentication methods.
  • Edit the config/config.php file to override defaults.
   $plugin_path = ;
  • The default path is pam/plugins. You can put them anywhere and use this to set the absolute path.
   $plugins = array('gallery');
  • By default the plugin folder is scanned and whatever folders are found are added to the plugin array. By using this setting you can specify what plugins to include and in what order they will be used.
   $create_account = true;
  • By default this is set to false. Set this to true if you want to automatically create accounts. This assumes the plugin will have a getAccount() method that will return at the very least: name,full_name,email

Notes

  • Two plugins are included in the pam_plugin folder.
    • Copy a plugin to the plugin folder to make it available to the PAM module.

mock: will authenticate any matching name/password pair. ex. user/user and if $create_account is true then an account will be created using the name.
The fullname will be "Mock {the name used}" and the email will be set to "{the name used}@email.com"

ad: this is a plugin to authenticate a user via an Active Directory domain controller. It uses the class adLDAP (http://adldap.sourceforge.net/) and assumes that your PHP environment has the LDAP exensions loaded. This plugin has included the adLDAP class version 2.1. I've not tested with later versions.

USE

Login as admin and go to the Gallery Modules page. Check the PAM module and update. The PAM module will replace the "Login" link so that the PAM module will be used instead of the core Login.

By default the "gallery" plugin is in the plugin folder. This allows authentication via the core identity. You should be able to logout and then login again.

PROBLEMS

If you are not able to login just remove the PAM folder from the modules and refresh your page. Or you can go to the default login by going to {your site url}/login.

FUTURE

I will be adding an OpenID plugin soon.

By using the Mock plugin as an example you should be able to create a connector/plugin to any existing database or web service that will authenticate user credentials.

AUTHOR

Jim Sloan (jsloan.email@gmail.com)

LICENCE

http://github.com/jimsloan/gallery3-pam/blob/master/LICENSE