Hello. I was wondering if anyone has successfully integrated Drupal and SiteMinder. I have seen that several people have asked about it and have started working on this myself. If we can get this integrated with SiteMinder built into a module, this will be a big push for Drupal into the corporate world. There are a lot of very useful situations at our company that we could use Drupal for, yet we are having trouble getting SiteMinder integrated. I have started to work on some code from the Shib2Drupal module, where I took and basically just modified that code to use $smuser instead of the variable for Shibboleth.
Anyways, I am looking to get some feedback into how people have integrated with SiteMinder or information about integrating. If no one has succeeded, I am posting the code I have been working on in here for all to see and play around with. Thanks everyone.
<?php
/**
* Created on Jul 17, 2008
* @author REMOVED_FOR_CONFIDENTIALITY
* Bended from shib2drupal by twist3r
*/
/**
 * Implementation of hook_perm(): lists the permissions this module defines.
 *
 * Drupal only calls hooks whose prefix equals the module name, so every hook
 * in this file uses the same prefix (the module is assumed to be named
 * "siteminderauth", as in the permission strings).
 */
function siteminderauth_perm() {
    return array('access siteminderauth', 'create siteminderauth', 'administer siteminderauth');
} // function siteminderauth_perm

/**
 * Implementation of hook_init(): runs on every page request.
 */
function siteminderauth_init()
{
    global $username;
    // sm_user is trusted as the already-authenticated login name;
    // nothing in this module populates or validates it.
    if ($username = $_SESSION["sm_user"])
    {
        if (!module_exists('user'))
        {
            drupal_load('module', 'user');
        }
        // $user is a local variable here, not the global session account.
        // user_load() returns FALSE when no account has this name.
        $user = user_load(array('name' => $username));
        // If this is a new user create him/her
        if (!$user || !$user->uid)
        {
            $user = new stdClass();
            $user->roles = array(2 => 'authenticated user');
            user_save($user, array('mail' => $username, 'name' => $username, 'status' => 1));
            drupal_goto();
        }
    }
}

/**
 * Implementation of hook_user().
 *
 * "load": The user account is being loaded.
 * The module may respond to this and insert additional information into the user object.
 * http://api.drupal.org/api/function/hook_user/5
 */
function siteminderauth_user($op, &$edit, &$account, $category = NULL)
{
    if ($op == "load")
    {
        // get roles list, format: "drupal::role1;drupal::role2"
        // (placeholder: no source is wired in yet, so no roles are mapped)
        $siteminder_groups_list = NULL;
        // get roles array, "drupal::DSET" -> "DSET"
        $siteminder_drupal_groups = array();
        preg_match_all('/drupal::([^;]+)/', $siteminder_groups_list, $siteminder_drupal_groups);
        $drupal_groups_list = $siteminder_drupal_groups[1];
        // load drupal roles (rid => name, without the anonymous role)
        $drupal_roles = user_roles(TRUE);
        // iterate through siteminder roles
        foreach ($drupal_groups_list as $group)
        {
            // add each siteminder role that matches a drupal role and is not already assigned to the user
            if ($rid = array_search($group, $drupal_roles))
            {
                if (!in_array($group, $account->roles))
                {
                    $account->roles[$rid] = $group;
                }
            }
            else
            {
                watchdog('user', "Siteminder group '$group' does not match any Drupal role", WATCHDOG_NOTICE);
            }
        }
    }
}

/**
 * Implementation of hook_menu().
 */
function siteminderauth_menu($may_cache)
{
    global $user;
    $items = array();
    // Only logged-in users get the logout link.
    if ($user->uid)
    {
        $items[] = array
        (
            'path' => 'REMOVED_FOR_CONFIDENTIALITY',
            'title' => t('Log out'),
            'access' => user_access('access content'),
            'callback' => '_siteminderauth_logout',
            'weight' => 10,
            'type' => MENU_NORMAL_ITEM
        );
    }
    return $items;
}

/**
 * Logout notice.
 */
function _siteminderauth_logout()
{
    global $user;
    // Log out user from Drupal
    session_destroy();
    module_invoke_all('user', 'logout', NULL, $user);
    $user = drupal_anonymous_user();
    // Siteminder-logout is not possible!
    return t("You have been logged out from Drupal. Please close your browser to complete the logout process.");
}
?>
Comments
not needed
As it turns out... This module is unneeded. SiteMinder is totally integrated simply by installing the WebServer Authentication module. This is located here ...
http://drupal.org/project/webserver_auth
Install... Uncheck the two options they provide, and poof, magically it works. Thanks guys.