DEPRECATION WARNING
This documentation is not using the current rendering mechanism and is probably outdated. The extension maintainer should switch to the new system. Details on how to use the rendering mechanism can be found here.
EXT:sfpipauth¶
| Author: | Christopher |
|---|---|
| Created: | 2010-12-18T19:57:23 |
| Changed by: | Christoph Buchli |
| Changed: | 2012-04-04T09:15:39.140000000 |
| Classification: | sfpipauth |
| Description: | User authentication by IP address. |
| Keywords: | IP, Authentication, Autologin, fe_user, login |
| Author: | Christoph Buchli (snowflake productions gmbh) |
| Email: | support@snowflake.ch |
| Language: | en |
EXT:sfpipauth¶
Extension Key: sfpipauth
Language: en
Version: 0.1.0
Keywords: IP, Authentication, Autologin, fe_user, login
Copyright 2006-2012, Christoph Buchli (snowflake productions gmbh), <support@snowflake.ch>
This document is published under the Open Content License
available from http://www.opencontent.org/opl.shtml
The content of this document is related to TYPO3
- a GNU/GPL CMS/Framework available from www.typo3.org
Table of Contents¶
`EXT:sfpipauth 1 <#__RefHeading__5708_1738894311>`_
`Introduction 3 <#__RefHeading__1491_117855295>`_
`Users manual 5 <#__RefHeading__1497_117855295>`_
`Administration 6 <#__RefHeading__31511_818911409>`_
`Configuration 7 <#__RefHeading__31515_818911409>`_
`Known problems 8 <#__RefHeading__31525_818911409>`_
`To-Do list 9 <#__RefHeading__477_413120346>`_
`ChangeLog 10 <#__RefHeading__1417_1788900153>`_
Introduction¶
What does it do?¶
The IP Authentication Service is based on cc_iplogin_fe and cc_ipauth which are perfectly working extensions except for one drawback: Performance. Since the service is executed on every page hit, performance is critical here. Therefore, 'sfpipauth' has all the IPs stored in one separate table.
The Extension provides different login-modes that allow you to automatically log in users as well as to completely close your website for users with no matching IP with all possible combinations (see the Administration section for details).
To additionally improve performance, it's possible to prevent the service from being executed except the visitor starts a login-process.
Requirements/Compatibility¶
The Extension works with all tested TYPO3-Versions. However, if you encounter any problems in combination with one version, pleas drop a note.Furthermore, it might not be wise to use this Extension in combination with cc_ipauth. It doesn't really conflict but isn't tested nor recommended either.
¶
Image 1: Mask for creation of an IP-Authentication record
Screenshots Support ^^^^^^^
Please refer to this website http://blog.snowflake.ch and look for the corresponding entries and comments. On this blog you have the possibility to send us your comments and feedback, thank us, or just to read what is planned in next releases.
But it is not the right place to get support! Please send all your questions to the "English" TYPO3 mailing list. Many very experienced TYPO3 users will help you with installation, debugging or customization. And in case of bugs please refer to the project-site at TYPO3 Forge which can be found at http://forge.typo3.org/projects /extension-sfpipauth/issues/ .
Please do not send support requests to the authors of this extension. Except if you prefer to receive (commercial) support, sponsor some features etc. feel free to get in touch with snowflake productions gmbh, support@snowflake.ch .
Thanks for sticking to the rules!
Users manual¶
If you want to add, edit or remove a users or user-groups, go to the page, where you have stored the according IP-Authentication configuration.(Note: currently, it doesn't depend on which page the you have stored the record, sfpipauth searches the whole site anyways. If you need it to differ between pages, don't hesitate contacting us. See To Do list section for details.)
Add a new record of type “IP-Authentication configuration” and set the configuration:
- A name so you can identify the record
- the IP-RangeYou can use wildcards and subnet-masks
- User or user-group
- Login Mode
For a more detailed description to these settings, see the “Administration” section.
Administration¶
Load and install the Extension from the TYPO3 Extension Repository (TER).
In the Extension-Config, you can set by the option “fetchUserIfNoSession” whether the service is executed on every page hit or only if the user starts a session (e.g. by submitting a login- form).Note: Disabling this option might increase performance a bit but autologin won't probably work as expected. Also, this could conflict with other extensions/functions. So, if you're not sure about this, set the option to true.
Once installed, you can use the List Module to create a new data record of type “IP-Authentication configuration”. It doesn't depend on which page you store your records, probably you might want them on the folder where the users are stored...
Select the user or the group from the list that should be authenticated when the IP matches, then set the IP address of the Network, from where those user access the website. You can set a comma-separated list and use wildcards as well as subnet-masks to specify a range of IPs:1.1.*.* and 1.1.10.10/16 are both the definitions for the range 1.1.0.0 to 1.1.255.255.
Finally, select the mode, in which the authentication should run.There are the following options available:
Autologin, normal login if no match (recommended)
- If the IP address of the visitor matches the IP of your IP- Authentication configuration, the user is logged in automatically.- If the IP address doesn't match, the website visitor is still allowed to log in with username and password.
Autologin, disable login if no match
- If the IP address of the visitor matches the IP of your IP- Authentication configuration, the user is logged in automatically.- If the IP address doesn't match, the user is not allowed to log in at all.
Enable normal login, disable any login if no match
- If the IP address of the visitor matches the IP of your IP- Authentication configuration, the user is allowed to log in with his username and password.- If the IP address doesn't match, the website visitor is not allowed to log in.
Don't care (disable IP-mode)
- The IP Authentication for this configuration is not considered.
Configuration¶
fetchUserIfNoSession¶
You can set by this option whether the service is executed on every page hit or only if the user starts a session. See the Administration section for details.
Known problems¶
Currently no known problems. If you encounter any feel free to report them on forge.
To-Do list¶
If you need a Backend Login Authentication, or you want to be able to distinguish configurations according to their PID or you have any other idea for features, feel free to contact us according to the rules mentioned in the Support section. Thanks.