"nice job!!!"
External Site -> Ning SSO
If I authenticate a user in at an external page via OAuth, and then they follow a link from that page to my Ning site, are they logged in to Ning?
I looked through the various requests I can make via the API, but I didn't see any specific to setting the users state as logged in or logged out.
The topic of SSO is discussed in length on this forum and build, but a lot of the threads were somewhat dated, and I kept seeing "kinda sorta" answers, so I just wanted to try and get some clarification.
If this is not possible, is there another way I can verify the user is logged in?
In this thread, http://creators.ning.com/forum/topics/ning-login-external-site, Bernardo asks:
Their intention is to once a user authenticates in their site, he's also authenticated in the their NING Network, and the way back to.
I only need the red part. Eric said that it may be possible via the Ning API, but that I can't create new users, which is fine. I just want to be able to verify a user has valid login credentials in my system, and not make them log in a second time inside Ning.
Replies to This Discussion
-
Permalink Reply by Steve Spadt on -
I have the exact same request/need. Has anyone from Ning responded to this inquiry, yet? If not, have you found any other discussions or information about SSO between Ning and outside systems?
-
Permalink Reply by Ron Fritzemeier on -
Ning has responded to these types of questions several times, and the answer is sorta-kinda, yes/no.
As far as I can tell, there is 1 solution...
1. Collect username/password on your own site, set the action to Ning's login page (where your login is POSTed when you sign in normally)
2. Validate username/password (I'd probably ajax a ning API handler)
3. On success from your handler, create your own session ID or whatever you want to track the user with, save it to your database, matching it to the users author id from ning.
4. Let the form go on its merry way to the normal ning login.
It's super kludgy but I've tested each piece and they work. You could probably check Nings session cookie after the user finishes logging in and additionally tie your own session id in with that cookie, so you can remember the user based only off the ning cookie, or set your own cookie. I haven't tested that part, but it should be pretty simple.
Ultimately I decided to migrate my platform off Ning since after all the hacking I've had to do to get Ning to do what I want, I could have set up a drupal/joomla setup to do everything I need from Ning in half the time.
P.S. This isn't a dig at Ning - I'm a developer and need more access to the backend than Ning provides (which is a good thing for their typical use cases).
They should get off their butts and set up SSL for custom mapped domains though.
Latest Activity
Fire-Tech replied to Alex's discussion 'More styling in the Design Studio'"Good job! I would suggest a check box to move the ningbar to the bottom of the page when…"
Allison Leahy replied to Allison Leahy's discussion 'What is your Ning 3.0 URL?' in the group The Sandbox"Hi Peggy! Sorry for the slow response here. The designers used Eagle for the headlines and Gotham…"
Liliana Parra replied to John Bizley's discussion 'Show Your Ning 3.0 Sites'"Mine is here... Disaster Risk Management (Spanish)
http://gestiondelriesgo.ning.com/"
Allison Leahy replied to Jen's discussion 'Menu on Mobile Device Difficult'"Absolutely! Thanks for bringing it to my attention, and for your patience as always."
Allison Leahy replied to Dw Alternatio's discussion 'Any way to change to a 3.0 network?'"Hey Dw, So glad to hear you're interested in checking out the redesign! Make sure that after…"
NC for HireJen replied to Jen's discussion 'Menu on Mobile Device Difficult'
"Thanks Allison. I have spent hours trying to fix this. That's great news!"
Allison Leahy replied to Jen's discussion 'Menu on Mobile Device Difficult'"Just got the word that the release had no impact the mobile menu and a feature improvement has…"
Cultivating Community
© 2013 Created by Ning.
