Drop Shadow

Single Sign-on

We now have a central sign-on system for our web pages. When a user logs into one section of our web site, they do not have to log in to other sections. You can use the central sign-on for your official web pages, if you are using PHP for your web pages. All official web pages are, under the redesign, using PHP.

The single sign-on system handles requesting passwords via secure server and authorizes pages for you automatically.

The central system updates immediately after someone changes their password, unlike the .htaccess system which can take up to an hour to reflect password changes.

Unlike the .htaccess system, this system protects pages, not directories. Protecting one page with this system does not protect the rest of the pages in that directory, even if it is the index page. You must follow these steps on every page that you want protected. This system cannot protect images, PDF files, or any files other than PHP files. If you wish to password-protect non-PHP documents, use the File Downloads plug-in.

Password-protecting your PHP page

Require a login on your USD web page using this PHP snippet at the very top of your web page:

<? require_once('/web/includes/sso_portal.phpi'); $sso->authenticate(); ?>

This will require a portal login before proceeding. That line must be at the very top of your page, above the <html> tag. Otherwise, the server can’t redirect the visitor to the portal for login, and they’ll see your page.

Logout button

If you want to display a logout button (and it’s a good idea), put this code on your page where you want the logout button to be:

<?$sso->button();?>

You can provide a page name to the button:

<?$sso->button('my site');?>

The button will read “Logout from my site”.

Logout link

If you prefer a link to a button, use $sso->link() instead. It has the same site name option.

Allowing individual visitors

If there is only a short list of USD community members who should have access to this page, you can provide access using $sso->allow(). You can provide it a single account name, or a list of names. You can also use it more than once to conditionally add multiple allowed visitors.

<? $sso->allow('jerry'); $sso->allow(array('george', 'elaine')); IF ($timeForCrazy): $sso->allow('cosmo'); ENDIF; ?>

home.sandiego.edu

If your web page is on home.sandiego.edu, you cannot use sso_portal. You must use sso_www.

Comments

If you have comments or tips for readers of this page, you may post them here. Questions are more appropriately directed to the webmaster. Comment on this page