The mailing list for listmasters using Sympa

[Chris Hastie <address@concealed>]

On Mon, 19 May 2008, Serge Aumont <address@concealed> wrote:

> Chris Hastie wrote:
> > I'm in the process of migrating various lists from an old version 4
> > something or other installation to a bang up to date 5.4.3 installation
> > and have hit a problem with integration with another application.
> >
> > The other application has been 'integrated' with the older sympa
> > installation in that on login it sets the sympauser cookie to an
> > appropriate value so that the user is also authenticated against sympa.
> > According to
> > http://www.sympa.org/manual/authentication#sharing_wwsympa_s_authentication_with_other_applications
> This section of documentation is now up to date. It include a perl sample.

Thanks Serge.

It looks to me like this is a way of having Sympa handle authentication for
another app. This doesn't work for me. I need the other app to handle the
authentication for Sympa. To complicate things, the other app is written in
PHP. The old sympauser cookie was easy - it could be achieved in a few 
lines of
PHP and didn't even require hacking the app itself as it could be dropped into
the main site template:

$sympa_domain = 'www.domain.co.uk';
if (exponent_sessions_loggedIn()) {
  $sympa_secret = 123456789;
  $sympa_auth = strtolower($user->email) . ':' . substr(
md5(strtolower($user->email) . $sympa_secret), -8);
  $sympa_expire = 0;
} else {
  $sympa_auth = FALSE;
  $sympa_expire = time() - (3600 * 24);
//  $sympa_expire = 0;
}
setcookie("sympauser", $sympa_auth, $sympa_expire, '/', $sympa_domain, FALSE);

I need to find a way whereby when a user authenticates against the other app
(Exponent CMS) a valid sympa session is created. The nature of the two sets of
users, and in particular the fact that sympa users are only a sub set of
Exponent users (and indeed drawn from Exponent's database) make it impractical
to work the other way.

--
Chris Hastie