PHP: Single Sign On (SSO) Module for KohanaMar 30, 2012

Single Sign On (SSO) is a session/user authentication process that allows a user to access multiple domains with a single username and password. To implement such a system is not easy as we all know that we can not share session information across different domains because of security restrictions. In PHP fortunately there is a very good and simple implementation of sharing session information across multiple domain (implemented by Arnold Daniels.

This post is about the implementation of Single Sign On as a Kohana module, so lets start with the requirements.

Prerequisites

  1. Kohana 3.2 or above
  2. CURL enabled
  3. Download SSO Module

Scenario

Let suppose you have two websites www.one.com and www.two.com. You will need to setup one of your website to act as SSO server (and both will also act as client off course). So lets make www.one.com the SSO server (and www.one.com and www.two.com the SSO clients).

Installation steps

  1. Past the downloaded SSO module into module folder of one.com project directory.
  2. Run the schema.sql bundeled with the SSO module, on the MySQL database server for one.com
  3. Add two broker's information in the brokers table (assign unique key and password to each broker).
  4. Update broker information in sso config file.
  5. Repeat all above steps for two.com.
  6. Commit the following code in modules/sso/init.php for two.com (as this domain is acting as client only).
   Route::set('ssoserver', 'sso/attach/<broker>/<token>/<checksum>/<returnurl>')
            ->defaults(array('controller' => 'sso',
                             'action' => 'attach'));

   Route::set('ssoserver_1', 'sso/<action>')
            ->defaults(array('controller' => 'sso'));

For sample implementation please see sample folder (in sso folder).

Thats all, enjoy session sharing across multiple domains :)



blog comments powered by Disqus
Me Hi! My name is Zeeshan Muhammad Khan (nick name Shan) and I am a software engineer, database developer, web developer, programming geek, statistics geek, mathematics geek, system analyst and maintainer of this site. read more

Web Shelf