Database Reference
In-Depth Information
Signon authentication
Since version 2.10, the signon mode enables us to use the credentials from another
application to authenticate to phpMyAdmin. Some applications have their own
authentication mechanism, so it's convenient to be able to use this fact to avoid
another cumbersome login panel. In order for this to work, this other application
has to store the proper credentials into PHP's session data to be retrieved later by
phpMyAdmin.
To enable this mode, we start with this directive:
$cfg['Servers'][$i]['auth_type'] = 'signon';
Let's suppose that the authenticating application has used a session named FirstApp
to store the credentials. We tell this to phpMyAdmin:
$cfg['Servers'][$i] ['SignonSession'] = 'FirstApp';
We must take care of users that would try to access phpMyAdmin before the other
application; in this case, phpMyAdmin will redirect users to the authenticating
application. This is done with
$cfg['Servers'][$i] ['SignonURL'] = 'http://www.mydomain.com/
FirstApp';
How does the authenticating application store credentials in a format that
phpMyAdmin can understand? An example is included as scripts/signon.php .
In this script, there is a simple HTML form to input the credentials and logic that
initializes the session—we would use FirstApp as a session name, and create the
user, password, and host information into this session:
$_SESSION['PMA_single_signon_user'] = $_POST['user'];
$_SESSION['PMA_single_signon_password'] = $_POST['password'];
$_SESSION['PMA_single_signon_host'] = $_POST['host'];
Note that FirstApp does not need to ask the MySQL's credentials to
the user. These could be hard coded inside the application, as they are
secret or there is a known correspondence between the credentials of this
application and that of MySQL's.
The authenticating application then uses a way of its choosing—a link or a
button—to let its users start phpMyAdmin.
 
Search WWH ::




Custom Search