Author: lazyrabbitt
Extension Description: An extension for phpBB 3.2.x that adds single sign-on capabilities to your phpBB installation, by utilizing your web server's authentication protocols, specifically tested with Kerberos.
Extension Version: 1.0.0
Requirements: phpbb 3.2.x
Features:
- Authentication via the web server utilizing Kerberos (this requires additional setup outside of the extension).
- Redundant LDAP servers.
- LDAP Lookup and pull of additional fields (full name, department, city, state, and country).
- Utilizing events overrides the display of the username with the display of the full name.
- Auto logon when a new session is started.
- LDAP Bind as backup for user authentication.
- Re-check feature for admins to re-pull all user's additional fields.
- Integrated additional fields collected from LDAP into the viewtopic display.
- Support to select the PHP global variable that stores the user authentication.
Demo URL: N/A
GitHub Repository: https://github.com/lazyrabbitt/KerberosSSO
Extension Download: https://github.com/lazyrabbitt/Kerberos ... v1.0.0.zip
Additional Comments:
I created this extension to work in our corporate environment which is mostly Windows with Active Directory. Though I adapted this code from an earlier mod that was designed for Apache. Original mod that I used as my starting point: viewtopic.php?f=70&t=1620325. The code is basically a merged version of the phpBB 3.2 LDAP code and that earlier mod, with some additional features. I tested the code using IIS on a Windows 2008 R2 server using the built in Windows authentication module. I am still testing the code to see if there are any fundamental flaws with the code/process and to see if there are any additional functionality that would be useful. I welcome feedback, especially to ensure I didn't completely FUBAR this up.
*edited to put topic into the recommended format.*
