Vanilla 2 & Garden are all about integrating with existing applications. We recently released our first single sign-on integration with WordPress, made available from our addons site. There are a number of different methods for performing single sign-on with an external application, and this plugin represents just one.
Ready to get going with ProxyConnect?
Installation is a 3 step process. Step 1 is to install the ProxyConnect addon in Vanilla. Step 2 is to configure/install the complimentary plugin or code within your remote application. Step 3 is to configure the ProxyConnect addon in Vanilla using the values provided by the complimentary plugin in your remote application.
Simply copy the ProxyConnect/ folder into your vanilla/plugins/ directory on your web server. This will be enough to cause the ProxyConnect plugin to appear in the list of available plugins on your Dashboard.
We currently have a custom plugin for WordPress. To get up and running, copy the WordPress plugin from the external/ folder into the wp-content/plugins/ folder in WordPress. Then enable it from the WordPress dashboard. From then on, just follow the instructions on the WordPress addon's settings page itself.
Vanilla will need access to your existing application's session cookies (note: Vanilla doesn't alter your application's session cookies in any way, nor does it do anything with the information they contain). This means that your application's cookies should be on the same domain as Vanilla, and should not be isolated to any subfolders that Vanilla does not have access to. If you are using PHP, the easiest way to ensure this is to create your cookies in the following manner:
setcookie("YourCookieName", $YourCookieValue, $YourCookieExpiryTime, '/', '.yourdomain.com');
By setting the second-last argument to '/', you are ensuring that your cookies are based off the root folder of domain.com, and by setting the final argument to ".domain.com", you are ensuring that the cookie will be accessible from any part of your domain, even subdomains like sub.domain.com. Read this for more documentation on PHP's setcookie function. When you destroy your cookies (ie. a user signs out of your application), you must also destroy Vanilla's cookies (ending the associated Vanilla session as well). Unless you have customized the vanilla cookie name, it will be "Vanilla", and can be destroyed like this:
setcookie('Vanilla', ' ', time() - 3600, '/', '.yourdomain.com'); unset($_COOKIE['Vanilla']);
You'll need to create a "user information" page in your application. This is a simple page that writes information about the currently authenticated user to the screen. Vanilla uses an HTTP GET request with the page. The information should be in the following format:
UniqueID=1279 Name=Tim Emailfirstname.lastname@example.org TransientKey=02742kjd2820 DateOfBirth=1970-01-01 Gender=Male
Important: If the user is not signed in, your user information page should remain completely blank.
About the user information values:
About the response format:
Using this plugin you can define the location of your application's sign-in, sign-out, registration url, and also the location of your "user information page" or "authenticate url".
When a user visits Vanilla for the first time, Vanilla will make a request to your user information page behind the scenes (the user will not see anything happening). The user has an active session with your application: Information should be returned by the user information page. Vanilla will look in its database to see if the user has a related account. If the user does have a related account, it will sign the user in. If the user does NOT have a related account, Vanilla will create one and sign the user in. The user is not signed into your application:Vanilla will display its home page for guest users to the user since the user is not signed-in to Vanilla at this point. The page includes [Sign In] and [Register] buttons.
Two options are available for the sign-in process. The first requires fewer changes to your application:
The preferred optionis for your application to redirect the user back to Vanilla. This technique provides a much smoother user interface flow to the user:
How does your application know to redirect the user back to Vanilla after signing in the user?Either of two methods can be used:
Code samples describing how to integrate Vanilla Proxy Connect with different types of applications.
Once you've completed the steps above, sign out of Vanilla and then click the Sign In button again. If everything is set up correctly, you should land up on your remote application's login page. Log in with your admin account there. Upon successful login, you should be sent back to Vanilla and be prompted with a 'Sync Screen' (first time), or your Vanilla home page (subsequent signins). Using the "Link my Account" section, log into Vanilla with your original Vanilla Admin Account (created when you first made your forum). After logging in, your Vanilla admin account will be linked to your remote site admin account.
Ready to get going with ProxyConnect? Download ProxyConnect Now
Here is a video (sorry, no audio on it yet) of the entire process in action:
|Edited June 2011 by Tim|