Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By mxc4 on
Hi all,
We have a strange requirement for integrating drupal into an existing, custom built, external authentication system. I know that one can override _auth hook function and the _user function to achieve external logins using xmlrpc or some other api to connect to the remote authentication server but the architect is insisting, don't ask, that we need to redirect to a completely different site which hosts the login pages and have username etc entered and authenticated there with the authentication site redirecting back to drupal upon success.
A custom cookie is going to be dumped onto the clients machine that drupal will have to detected and then do the necessary to setup the drupal user object as authenticated. Where would be the best place to implement this? Currently I am looking at overriding the session read function.
(I am not sure how the cookie is going to be created since the authentication site is in a different domain but I have been told that they can do it)
Any ideas
thanks
