« Creep: The most stupid film of the year | Main | Alpha, Beta, Gamma »
Thursday, June 16, 2005
[IPB 2.1] Log In Authentication
I've almost finished this section of IPB off (the last major feature before the first alpha "technology preview" release) and I'm fairly pleased with its implementation.
In a nutshell, it allows one to add different methods of authenticating the username / password combo when a member logs in. There are two options available. Pass-Through and On-Fail.
Pass-Through simply queries the non-IPB authentication modules for each log in attempt. If the username and password doesn't authorise, we return a fail and the member is told their log in attempt failed. If the authentication was approved and a member (linked via username) is found in the IPB database, the member is loaded and returned. If a member is not found in the IPB database, then (assuming this log in auth module allows member creation) IPB starts the process of creating the member in the IPB DB which is finished when the member completes their (First log in) form.
On-Fail will attempt to authorise via IPBs database first. If a member is found and the authorisation is processed, then the member is returned. If there is no member found, then the non-IPB module is queried as per pass-through.
In addition, one can replace the log in form with their own HTML or add HTML to the log in form (for alternative log in methods, such as PassPort). One can also enter a URL for the member to manage their account (changing password, etc) and a URL to register. This is ideal if you want to keep all your registrations in an existing site / CMS.
Each log in module comes with three files: "auth.php" which is the module which performs the authentication. "conf.php" a configuration file to accept SQL details and such (didn't think that it was wise to use the settings database to store sensitive info ) and "acp.php" a file which manages the installation and other ACP tasks relating to that log in module suite.
All in all, I think this is a very flexible system and will open IPB right up for use on large corporate sites with an existing membership database and small sites where an existing product is already being used.
Of course, it also allows us to complete our "Converge" project - although this has gone through several key changes over the past six months or so. Expect more Converge news soon.
First movie: This shows a phpBB user (from a test DB I had installed) logging into IPB for the first time. Note how they are asked to complete a "Your first log in" form.
abs-login.mov (Quicktime .mov 1.1mb)
Second movie: Not terribly exciting, but shows the ACP controls for the different pre-installed log in types. Note several are flagged as "not installed" this is because the install script hasn't been run which asks for LDAP and SQL details and thus are not able to be selected until the install program has been run.
acp-loginauth.mov (Quicktime .mov 4.8mb)
June 16, 2005 | Permalink
TrackBack
TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a00d83423035953ef00d83483264f69e2
Listed below are links to weblogs that reference [IPB 2.1] Log In Authentication:
Comments
Matt,
as I already said: this is one of the most exciting and amazing features. Can't wait to see it in real life. Thanks for your hard work and take care.
Regards,
vee
Posted by: vee | Jun 16, 2005 3:13:55 PM
Definitely a very cool feature and will benefit many people, but looks complicated to configure :P.
Posted by: Logan | Jun 16, 2005 3:52:12 PM
It'll be no harder to install pre-written log in modules than it is to install the board.
Posted by: Matt | Jun 16, 2005 4:01:30 PM
Great job! I look forward to how this feature turn's out.
Posted by: Justin | Jun 16, 2005 4:15:33 PM
Again great news !
This really sounds good.
Many good ideas/implementations like:
- pass-through/on-fail
- enter a URL for the member to manage their account
- one can replace the log in form with their own HTML or add HTML to the log in form
- multi-step reg-form
- ...
:thumbsup: ;-)
Posted by: mikee aka Nicoo | Jun 16, 2005 5:05:27 PM
As I mentioned on the forums, I feel it is important to include a reasonable number and variety of "pre-written log in modules"; in particular I think it's far more useful (for most) to be able to integrate with popular CMS systems such as e107, mambo etc. rather than integrating with second-rate forum systems.
Lets face it, if you're not using IPB then you'll be looking for a db convertor to get your forums running on some decent software rather than wanting to keep both forums running alongside each other.
Posted by: Damien | Jun 16, 2005 5:44:26 PM
That's great news Matt! Keep it up :)
I just have one question - you mentioned Passport? Did you mean .NET Passport - the passport that Microsoft uses? Because if you did, then we all know how many users have .NET PassPort accounts (Messenger and Hotmail)... ;)
So is it .NET Passport? Thanks again
Posted by: Mireno | Jun 16, 2005 6:59:51 PM
Sounds good. I think we will see prewritten login modules for IPD. And yes, he did mean .NET passport.
Posted by: Swords | Jun 16, 2005 10:39:03 PM
Mireno, not every single .NET passport user would be registered on your forum.
When you login for the first time using your Passport account. It checks the login data with the Passport database and then takes you to the first login screen, where you enter your personal info for your account, kind of like registering for the first time, except you login to register.
Posted by: Wilko | Jun 16, 2005 11:35:44 PM
can't wait for a Mambo integration using this system!
Posted by: phil | Jun 17, 2005 3:36:52 AM
It seems very flexible BUT, i wonder about one thing. On the first movie, the second step is for registering as you said, because the login name does not exists.
But i don't think it's very explicit. As it is a new initiative (understand, no one who is not familiar with IPB won't know about this subtility of registering "on login failure"), people may be a bit confused and maybe won't undestand that a wrong login form --> registering form.
If an existing member ripped while writing his login name, it will provide him a registering form ... which would be ridiculous.
I think you should not lost of view that board users are not skilled as we would like. Login/registering/profile forms should not be technical at all and i think we are entering a too complicated way of life with this login system.
Maybe after a failed login, an intermediate screen with choices on what to do will guide better the "member" such as : 1) forget your login details (username, password etc.) 2) want to register ? etc.
Posted by: The Jedi | Jun 17, 2005 7:26:15 AM
It doesn't work like that.
The only time you'll see the "welcome to our board / first log in" screen is if the member is not in the IPB database but is in the remote database and authenticates without error.
Posted by: Matt | Jun 17, 2005 9:13:45 AM
Hi Matt,
I dont get the whole clue about this feature.
Can you tell when someone could use this login system and why?
thnx
Posted by: OzAd | Jun 17, 2005 10:16:47 AM
@ Matt > okay, thanks for the explaination. I misunderstood a bit ;)
Posted by: The Jedi | Jun 17, 2005 12:57:32 PM
[Quote]The only time you'll see the "welcome to our board / first log in" screen is if the member is not in the IPB database but is in the remote database and authenticates without error.[/Quote]
So it would be good to tell the user!
"Your authentication succeeded. We now need some more informations from you..."
Something like that. Really simple. Don't confuse novice users with "complicated words". And the message should be made visually outstanding, because when users see a input-box, they tend to start right away. But they should still understand, that the login/password they just uesed will work in the future.
Perhaps some "intermediate screens" are sometimes really necessary, when the information is in some way important. Because many people do not read everything that is written on the page. Would often take too long...
Posted by: mikee aka Nicoo | Jun 17, 2005 1:43:41 PM
I don't think it can be made more obvious than:
"Welcome to our forums, as this is the first time you've logged in we need some more information".
Posted by: Matt | Jun 18, 2005 10:08:21 AM
I don't think you're going to be able to get away without posting a video or two per post now. :P
Posted by: Don Wilson | Jun 18, 2005 7:02:00 PM
Matt your a coding machine this is why we chose IPB as our forum for choice because you never cease to amaze us...
Keep up the amazing work!!
Posted by: Venom | Jun 19, 2005 6:13:43 AM
Congratulations on all your hard work. It's great to see the Technology Preview.
Posted by: James | Jun 24, 2005 6:15:21 PM
Nice to see the preview. With all the reported bugs, I think that the beta/pr will go very quickly!
You ARE the man Matt Mecham!
Posted by: Cybertimber2005 and Cooldude7273 | Jun 28, 2005 3:52:04 AM
Please make the beta appear normal on a 800x600 screen!
Posted by: Lewis | Jun 28, 2005 9:50:03 AM
Very good to see this integration. Is there going to be any way of determining that the user has already been authenticated by a site's internal mechanisms and just pass new users on to the "first login" page? While I'm at it, it would be nice to keep a site-wide session fresh while within IPB.
I've purchased IPB but I don't want to install it and get a bunch of users with unharmonious logins, so if your fingers can go any faster on 2.1 ... :)
Jason
Posted by: Jason | Jul 6, 2005 6:46:25 AM
Ok that's a great job.
Here's a suggestion for a future realease
What about a system that'd implement the Microsoft Active Directory system.
I plan to buy the IPB 2.x version for my firm and I would like that the Microsoft Active Directory logins would be used in the IPB database. So no need of create or register news members accounts.
I hope I've been understood :)
Sebastien
Posted by: Seb | Jul 23, 2005 9:13:37 AM
[URL=http://kamera.2bb.ru/viewtopic.php?id=14]cams.com[/URL]
Posted by: camscominfkd | Jun 1, 2007 2:03:45 PM
[url=http://cadillac.125mb.com/Cadillac-XLR.html]cadillac xlr[/url]
Posted by: Cadellatorya | Jun 1, 2007 5:03:14 PM
The comments to this entry are closed.