Remote Authentication in Geeklog 1.4
- Sunday, November 20 2005 @ 02:45 pm EST
- Contributed by: THEMike
- Views: 30,860
Geeklog 1.4 introduces a new feature “Remote Authentication”. The motivation behind this core feature is simple: Users do not want to sign up at every site they visit to post a comment, and site administrators do not want to allow anonymous comments due to spam and other factors. Remote Authentication solves this problem by allowing people to login to your Geeklog site with their login credentials for another, established service.
Firstly, a caveat to users, the Remote Authentication feature in Geeklog requires you to expose your password for the remote service when logging in. An unscrupulous systems administrator could modify the code to capture your password. Do not use this feature on sites you do not trust!
Remote Authentication ships with support for LiveJournal.com and Blogger.com accounts. When correctly configured the Remote Authentication system will allow registered LiveJournal or Blogger users to login with their remote account to your Geeklog instance. This feature is disabled by default, to enable it you must set the $_CONF['remoteauthentication'] variable to true in your config.php file, and disable user submission (set $_CONF['usersubmission'] to 0).
When enabled, each login form will include a drop down box of supported login services. The default option is your Geeklog site, listed with the text from your site name configuration from config.php ($_CONF[‘site_name’]). You can add or remove sites used for authentication simply by adding and removing authentication classes from $_CONF[‘path_system’]/classes/authentication. For example; to disable LiveJournal support, delete the LiveJournal.auth.class.php file.