Mixed Login Types and Documentation update

You have a suggestion for a future version of phpMyFAQ? Then post it here!

Moderator: Thorsten

Post Reply
Arametheus
Posts: 3
Joined: Wed Sep 11, 2024 8:47 pm

Mixed Login Types and Documentation update

Post by Arametheus »

Mixed Login suggestion:
I would like to propose a feature enhancement to support mixed login types, where both Single Sign-On (SSO) and local logins can be activated simultaneously.

Proposed Feature:
  • Enable phpMyFAQ to allow local logins alongside SSO/Other authentications.
Reasoning:
  • This feature would be particularly useful for organizations where administrators or certain users need access to manage FAQs but are not part of the external SSO system.
    By offering mixed login capabilities, phpMyFAQ could cater to a broader range of users, including external collaborators or contractors who should not be added to the primary authentication system.
This flexibility would improve the management of FAQs while maintaining secure access for both internal and external users.

=======================================

Documentation suggestion:
I would like to suggest an update to the current documentation for configuring Single Sign-On (SSO) with phpMyFAQ, specifically for Nginx/Apache and PHP setups.

Proposed Update:
  • Provide detailed, step-by-step instructions for activating and configuring SSO with popular web servers like Nginx and Apache, as well as with PHP.
    This should include:
    Configuration examples for Nginx/Apache to enable SSO.
    Any required PHP settings or modules.
    Best practices for securing the setup, such as HTTPS configurations and common pitfalls to avoid.
Reasoning:
  • Clear documentation for SSO setup is crucial, especially for administrators who may be unfamiliar with web server configurations.
    By offering this guidance, phpMyFAQ can make it easier for users to successfully implement SSO and enhance security for their FAQ system.
This improvement to the documentation would help streamline the SSO configuration process and ensure smoother adoption by both new and existing users.
Thorsten
Posts: 15620
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: Mixed Login Types and Documentation update

Post by Thorsten »

Hi,

thanks for the great suggestions but one thing should be already possible: if you enable SSO, local logins should still work.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Arametheus
Posts: 3
Joined: Wed Sep 11, 2024 8:47 pm

Re: Mixed Login Types and Documentation update

Post by Arametheus »

So when I got SSO activated from nginx. I tried to hit the PhpMyFaq instance and login with my admin login which auth_source is set to local. it just keeps redirecting back to the faq home page instead of logging me in.

maybe I'm missing something that also needs to be activated.


but if I go back and hit our SSO link from our other application logs us in just fine for my other user set to SSO.

So debugging the index file when I hit the faq directly this part of the code is triggering. if ($faqConfig->get('security.ssoSupport') && $request->server->get('REMOTE_USER') !== null

I'm guessing REMOTE_USER = '' and not null
I got it yes I had to set REMOTE_USER to NULL my bad.
Thorsten
Posts: 15620
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: Mixed Login Types and Documentation update

Post by Thorsten »

Hi,

is it working now?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Post Reply