I know this question defeats the object of having security in the first place, but you know how clients can be sometimes.
Basically the client has 2 sites, one built in modx and one in asp, they both have a login in place with a single user profile that every visitor gets to use.
They want users to be able to login to the asp site and then click a link to visit the modx site and be logged in automatically - I'm not even sure this is possible...
I've tried passing the same variables that the login form does to various pages but without any success, I'm just returned to the login page each time.
www.mywebsite.com/index.phpid=87&username=myusername&password=mypassword&returnUrl=%2F&service=login&Login=Login
Has anyone else tried anything similar before? I've got some code that would allow me to do something with php but with the referring site being built in asp which I have now knowledge of, I'm a bit stumped.
E2A:
I asked the same question on the Modx Forums and recieved this by way of reply:
I think the best way should be to use a third party login service such as OpenID. But this means changes to the site based on asp. If you want to do this with url parameters, don't use the "Login" snippet. "Login" needs input to authenticate a user. Make a custom snippet and get usage of the security/login processor (I assume you are running Revolution 2.2x). The snippet can be something like this:
<?php
$loginContext = $modx->context->get('key');
$c = array(
'login_context' => $loginContext,
'username' => $_GET['username'],
'password' => $_GET['password'],
'returnUrl' => null,
'rememberme' => false
);
$response = $modx->runProcessor('security/login', $c);
return true;
?>
The snippet seems to work and returns a value of 1, but it's not logging me in, probably because I don't know what this means
get usage of the security/login processor
Where would I do that?