Jump to content
  • 0

Directories and wordpress: what a fun! But how logout?


vidierre

Question

I am opening this topic because, just for fun, I was trying to integrate the new directories functionality with Wordpress. I cannot consider me an expert, but I am happy to explore, so may be that what I write hereafter could be based on wrong assumptions. Please correct me!

My thought was to use CASPIO Directories as an IDP and configure Wordpress as a Service Providers. 

  • so I started installing the miniOrange SSO using SAML 2.0 wordpress plugin
  • from the plugin settings, looking into the Service Provider Metadata tab I got the SP-EntityID / Issuer and the ACS (AssertionConsumerService) URL parameters
  • with these I created an app connection into my CASPIO directory. From its Identity Provider setting section I got the Identity provider identifier and the Single sign-on URL IDP parameters
  • going back to the miniorange settings, I configured a Custom IDP with these parameters and pasted the CASPIO certificate

The result is that I got an extra login button with the App name defined in CASPIO Directories. When I use it I successfuly got redirected to my user portal where I can login with CASPIO credentials.

Now the question is about logout. If I logout from wordpress when I login again (with the wonderful saml) it seem I am already logged in and no crewdentials are required.  How can I logout also from CASPIO?

To do these tests I found useful these readings:

 

Link to comment
Share on other sites

8 answers to this question

Recommended Posts

  • 0

UPDATE

  1. @ParkLoey I think that if you make available a Directory structure is very belittled if it is "just for Caspio app use". This for two reasnons: the first is that a Directory is very useful if it can be work like and identity provider for other system; the second is that CASPIO cannot undervaluate the potential of Wordpress used as front-end. Tons of functions easy to implement with wordpress are very far to be implemented with CASPIO.
  2. ANYWAY I FOUND THE SOLUTIONS and is quite simple. From Wordpress you need to set the logout URL redirection to the CASPIO URL logout. In this way when users logout they quit the session with Wordpress and then also the CASPIO one.

The only contraindication is the miniorange plugin price. You can have this functionality with the Free one too, but at login your users will be redirected to the wordpress dashboard. This could be undesired.

Link to comment
Share on other sites

  • 0

Nice workflow you got there, @vidierre! Although my thoughts about Caspio's Directories was just for Caspio app use, yours look great. It looks like Directories is still on beta period, perhaps the logout option will be added soon enough. Will be following this thread for future references. Would also add the article they have for creating user portals:

https://howto.caspio.com/directories/directory-user-portal/user-portal-pages/

 

Link to comment
Share on other sites

  • 0

Hey there! Caspio releases new enhancements to the Caspio Directories feature, check this out: 

- Ability to enhance user profiles with field values using Text64000, Number, Integer, and Yes/No data types 
- Ability to include user profile fields using data from a related table
- Ability to customize the fields shown in the user list view 
Source: https://howto.caspio.com/release-notes/caspio-37-0/caspio-37-0/#:~:text=Enhancements to Caspio Directories

Link to comment
Share on other sites

  • 0

Hey there! Caspio releases new enhancements to the Caspio Directories feature, check this out: 

  • Page redirection options for sign-in and sign-out.
  • Single logout (SLO) from third-party connected apps, so users are automatically logged out from the directory when logging out from a connected app.
  • Ability to display a custom background image on the sign-in page, providing you with another way to customize your app’s login experience.

Source: https://howto.caspio.com/release-notes/caspio-43-0/#:~:text=Enhancements to Caspio Directories

Link to comment
Share on other sites

  • 0

I'm pretty confident that the work CASPIO is doing on the directories will continue until they become a crucial mechanism.
As of now, it seems to me that they're missing (or maybe I just haven't figured them out) two essential features for real-world production use:
1. User self-registration with email verification. Currently, I'm managing this with some data pages and traditional authentication.
2. Self-service password recovery.

This was my thought until 44.0 now I have to try it.

 

Link to comment
Share on other sites

  • 0

Hi @ParkLoey I'm still studing the CASPIO Directory functionality, after the Rel.41  I was hoping to get the solutions but, again I was unable to make working the Single Logout Function within a SAML environment. My feeling is that Directory functionality is built for Enterprise plan where other stuff can be integrated (i.e. self service reset psw) form a "Growth Plan" point of view cannot be used as-is. You wrote that your "thoughts about Caspio's Directories was just for Caspio app use"  but this is not what CASPIO declares into the documentation:

Quote

App connections enable a directory to act as an identity provider to external services. For example, a directory administrator can add app connections to authenticate directory users to apps supporting SAML single sign-on (SSO), for example HubSpot, Slack, Zoom, etc.

Up to now I cannot use directory in my app because:

  1. May be I am not still able to use them
  2. There is no mechanism for self registration - You can workaround as you like but at the end one real person has to logon into CASPIO account and activate the registered users
  3. There is no mechanism for self password-reset
  4. The attributes returned on logon are only:

My overall feeling is that CASPIO, from its first steps at the beginning of 2000, is becaming tied only with high budget companies. There are some things that is very incomprehensible why he didn't try to modify them to make more appealing the platform.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...