DEPRECATION WARNING

This documentation is not using the current rendering mechanism and is probably outdated. The extension maintainer should switch to the new system. Details on how to use the rendering mechanism can be found here.

EXT: DHBW SSO Service

Created:2010-02-18T17:33:18
Changed by:Jan Roth
Changed:2011-05-06T14:29:36.870000000
Classification:dhbw_naw_sso
Description:The keywords help with categorizing and tagging of the manuals. You can combine two or more keywords and add additional keywords yourself. Please use at least one keyword from both lists. If your manual is NOT in english, see next tab "language" ---- forEditors (use this for editors / german "Redakteure") forAdmins (use this for Administrators) forDevelopers (use this for Developers) forBeginners (manuals covering TYPO3 basics) forIntermediates (manuals going into more depth) forAdvanced (covering the most advanced TYPO3 topics) see more: http://wiki.typo3.org/doc_template#tags ----
Keywords:forAdmins, forIntermediate, single-sign-on, sso, naw_single_signon
Author:Jan Kristoffer Roth
Email:roth@dhbw-mosbach.de
Info 4:
Language:en

img-1 img-2 EXT: DHBW SSO Service - dhbw_naw_sso

EXT: DHBW SSO Service

Extension Key: dhbw_naw_sso

Language: en

Keywords: forAdmins, forIntermediate, single-sign-on, sso, naw_single_signon

Copyright 2000-2010, Jan Kristoffer Roth, <roth@dhbw-mosbach.de>

This document is published under the Open Content License

available from http://www.opencontent.org/opl.shtml

The content of this document is related to TYPO3

- a GNU/GPL CMS/Framework available from www.typo3.org

Table of Contents

EXT: DHBW SSO Service 1

`Introduction 3 <#__RefHeading__832_442493211>`_

What does it do? 3

`Users manual 4 <#__RefHeading__836_442493211>`_

`Administration 5 <#__RefHeading__838_442493211>`_

`Configuration 6 <#__RefHeading__840_442493211>`_

`Tutorial 7 <#__RefHeading__842_442493211>`_

`Known problems 11 <#__RefHeading__844_442493211>`_

`To-Do list 12 <#__RefHeading__846_442493211>`_

`ChangeLog 13 <#__RefHeading__848_442493211>`_

Introduction

What does it do?

  • This extension is a adapter for the Typo3 Single Sign-On Extension (naw_single_signon).
  • It can be integrated in your Typo3-Installation as an Auth-Service.

Users manual

See manual of Extension naw_single_signon

Administration

  • You have to install and configure naw_single_signon on your central Typo3-instance.

  • Now you can install this extension to another (or same as BE-Auth) Typo3-instance.

  • Copy the public-key (created for naw_single_signon) to your (client) Typo3-instance .

  • Configure this extension in the extension-manager. You must at least define:

    • enableBE and/or enableFE (as you which)

    • tpaBE and/or tpaFE (this is the third-party id for the naw_single_signon plugin)

    • tokensfile (it must in a writable directory. File will be created if it does not exists)

    • publicSSLKey (path to the copied public-file, must be readable)

    • logfile (if your loglevel is greater than zero. It must in a writable directory. File will be created if it does not exists)

    • windowsServer (if you use a windows-server)

    • externalOpenSSL (if you not want to use the integrated php-openssl)

      tmpSignatureDir and tmpSignaturePrefix (for externalOpenSSL)

Configuration

See tutorial

Tutorial

  • Configuration on serverside: plugin naw_single_signon

    img-3

  • Configuration on clientside: extension-manager

  • img-4 Enable the needed modes

  • define a third Party Application ID (TpaXX). Must be the same as you use on clientside.

  • img-5 Define directory and filename for the used-tokensfile (must be writable)

  • Define directory and filename of your public-key (copied from server, readable)

  • Define a logfile if you set loglevel greater 0. (I think only for debugging. Normal typo3-logging is integrated)

  • Check the box if your client is a windows-server

  • Check the box if you want to use external openSSL-Binary (then you need Tmp-Directorys too)

  • NEW (1.0.2) Define a logout redirect for the backend (if you want to get back to central loginpage)

  • img-6 Define our own errormessages (or URLs with http(s)://) for BE and FE-Usage.

Known problems

  • Be sure you use the index.php and not the backend.php for your Backend-Trust Agent URL on Serverside
  • You must maybe change the priority of this auth-extension if you use other plugins too.

To-Do list

Implement the ModifyCreate opinion

ChangeLog

0.1.0

Version

0.1.0

Changes

First release

img-2 13