Integrating Shibboleth authentication

rottstegge · August 1, 2022, 1:52pm

Hi everyone!

For a client project, I’m setting up a site that will include a frontend login. Logged in users will be allowed to upload images and texts that can then be approved and published by admins. For this I want to use Kirby and work along this tutorial: Cookbook – Restricting access to your site

My main issue is this: My client is a university that uses their own authentication system based on Shibboleth. People with university accounts (students, teachers e.g.) should be able to log in to the site using their university credentials.

While user data should remain on my server, authentication would be handled via the Shibboleth system. In all honesty I have never worked with an external authentication provider and don’t really now how to get started.

Is it realistic to integrate Shibboleth with Kirby? Does anyone have hints on how to get started or worked on anything similar? Any hints are appreciated!

lukasbestle · August 1, 2022, 6:30pm

External authentication is certainly doable. Your frontend login form needs to take care of two things:

Ensure that every authenticated user has a user in Kirby. E.g. you can check during login whether the user already exists. If not, you can dynamically create the user on the first login.
On login, call $user->loginPasswordless().

The rest (permissions, session handling, logout etc.) is all handled by Kirby.

Topic		Replies	Views
Create User Authentication Help	7	485	July 2, 2020
Kirby User Login Questions 🤔	2	812	September 30, 2017
Authenticate against 3rd Party User Database Kirby 3	5	1042	August 22, 2021
Massive user authentication Questions 🤔	5	1231	September 1, 2017
Authenticating against current password Solved ✅	2	351	May 17, 2021

Integrating Shibboleth authentication

Related topics