No more Fetures >>
I've implemented all the features we were expected to do and implented some other feature which are not decided at the first such as Single Sign On. More details about JConnect features can be found here.
How it works
in this I would like to tell you some of the features(internals) and how they've implements. for this time I would like to express about authentication and single sign On from External Applications.
Single Sign On and Authentication
To implement Sign Sign On and Authentication into JConnect was hard for me. Because although I choosed to integrate Elgg ; JConnect should be designed in a more generalised way and could be able to use with any application.
So at first I choosed an OpenID framework to do that. by using that I convert Joomla into a OpenID identity povider and Elgg becomes and OpenID client. It works. and sometimes it fails on some servers and it takes a lot of process time.
Then I realized that OpenID is not the best solution for this and it does some processes that are meaning less for JConnect. So I read about how openID works and built a customized and minized version of OpenID that will work fine for JConnect.
- In this sytem after an user successfully logged into Joomla (we use normal login process of Joomla) it will generate a public token and a private token based on the secret key shared by both Joomla and ExApp.
- when ExApp get the public token It'll generate the private token based on the secret key and opens a html page via fopen() with sending this private token.
- then in that page(Joomla) it'll check the private token is valid and if so prints the user-details as JSON. and invalidate that private key.
- then in the ExApp it'll get the JSON of user-details and do the local login process.
OK! That's authentication where's the Single Sign On ?
- here it is.... We use above system to do both Authentication and Single Sign On.
- once the user-gives login details in this process Joomla! will get logged in that user.
- then the user can go to the Joomla site and he can see he logged in.
- And the vise versa of the this case is also the true.
- If the user has already logged into Joomla! then in the above process it won't ask the login details from the user and just send the public key.
- So user can logged into Elgg with out entering username password!
Download and other infomation
Feedbacks and Next
I would really like to here feedbacks from you and if there's issue I really like to here about that. anyway in the next blog posts I would like to show about some other internals and Developer version of JConnect.