Part III: Working with Components, Modules, and Plugins 458 Authentication plugins The Authentication plugins are responsible for handling the user authentication processes in Joomla! The system offers several alternative methods for handling authentication. The default method is the system-specific Joomla Plugin. Alternatives include Gmail, LDAP, and OpenID. In the default configuration only the Authentication - Joomla Plugin is active. If you want to use any of the alternative methods, you need to enable and configure the appropriate plugin from the Plugin Manager. Note The Authentication plugin files are located in the directory plugins/authentication . Joomla The Authentication - Joomla Plugin provides the default Joomla! authentication scheme. This plu- gin is enabled in the default system and should not be disabled unless you have made provision for alternative authentication. The Authentication - Joomla Plugin dialogue is shown in Figure 19.3. FIGURE 19.3 The Authentication - Joomla Plugin dialogue. Chapter 19: Working with Plugins 459 Note The principal file for this plugin type is joomla.php. No parameters are associated with this plugin. Caution Do not disable this plugin if you have not enabled an alternative Authentication plugin. Leaving the system with no active Authentication plugins causes problems. LDAP The Authentication - LDAP plugin allows you to configure your site to connect with an LDAP server. LDAP, or Lightweight Directory Access Protocol, is used in some systems to access directory systems over TCP/IP. The LDAP plugin is bundled with the Joomla! system but it is not enabled in the default configuration. If you want to use this plugin, you will need to enable it and set the con- figuration parameters. The plugin dialogue is shown in Figure 19.4. Note The principal file for this plugin is ldap.php. FIGURE 19.4 The Authentication - LDAP Plugin dialogue. Part III: Working with Components, Modules, and Plugins 460 The plugin Parameters section contains the following options: l Host: Type into this field the URL of the LDAP server. l Port: Set the Port to be used for the connection to the LDAP server. The default setting is 389. l LDAP V3: Click Yes if your system is using LDAP V3. l Negotiate TLS: Set to Yes to employ TLS encryption for traffic to and from the server. l Follow referrals: Click Yes to set the LDAP_OPT_REFERRALS flag to yes. l Authorisation Method: Sets the authorization method used in the LDAP connection. The default option is Bind Directly as User, and the alternative is Bind and Search. l Base DN: Type here the Base DN of your LDAP server. l Search String: Sets the query string to search for a user. This field supports multiple query strings, separated by semicolons. l User’s DN: This is only used if the Authorization Method Parameter is set to Bind Directly as a User. The field supports a string that dynamically matches the username typed by the user with the DN pattern of the user entry in LDAP. l Connect Username: Set up the username needed to negotiate the DN phase of the con- nection. For an anonymous connection, leave this blank. If you enter a value here, you also need to complete the next field, Connect password. l Connect Password: Set up the password needed to negotiate the DN phase of the con- nection. For an anonymous connection, leave this blank. The password is related to the Connect username. l Map: Full Name: Enter the name of the LDAP attribute that contains the user’s full name. l Map: E-mail: Enter the name of the LDAP attribute that contains the user’s e-mail address. l Map: User ID: Enter the name of the LDAP attribute that contains the user’s user ID. Note LDAP setup can be confusing, largely due to the number of options that exist on both sides of the equation — the LDAP server and the Joomla! CMS. There also exist several third-party extensions that can be added to your system to make LDAP more useful with features such as Single Sign On and Kerberos support. A good place to start is with this article in the Joomla! Community Magazine: http://community.joomla.org/ magazine/article/507-developer-ldap-from-scratch-sam-moffett.html OpenID OpenID is an authentication protocol of growing popularity. Users who have a valid OpenID account can use their OpenID username to gain access to any site that supports login with OpenID. The Joomla! system includes an OpenID Authentication Plugin, but it is not enabled in the default system. If you want to enable OpenID on your site, you need to enable the plugin and configure the parameters. The plugin’s dialogue is shown in Figure 19.5. Chapter 19: Working with Plugins 461 FIGURE 19.5 The Authentication - OpenID Plugin dialogue. Note The principal file for this plugin is openid.php. Note The plugin supports the newer OpenID 2.0. GMail The GMail Authentication plugin allows users to log in to your Joomla site using their GMail I.D. The Joomla! system includes the GMail Authentication plugin but it is not enabled in the default system. If you want to enable your site to accept logins with GMail credentials, then you need to enable the plugin and follow the following outlined steps . The plugin’s dialogue is shown in Figure 19.6. Note The principal file for this plugin is gmail.php. Part III: Working with Components, Modules, and Plugins 462 FIGURE 19.6 The Authentication - GMail Plugin dialogue. There are no parameters associated with this plugin. To use GMail for authentication on your site the user must follow these steps: 1. Create a user account on the Joomla! site with the same name as the GMail user account. 2. Log out of Joomla! 3. The user can now log back in to the site using their GMail identity. Note You must have cURL installed on your server to use the GMail Authentication plugin. To learn more about cURL, visit, http://curl.haxx.se/. Content plugins The Content plugins provide various enhancements to the Joomla! articles. With the exception of the GeSHI Code Highlighter plugin, all are enabled and are used by the default system. Few parameters exist for this group of plugins. Chapter 19: Working with Plugins 463 Note The Content plugin files are located in the directory plugins/content. Page Navigation The Page Navigation Plugin supplies the back, next and numbered page features you see in certain content areas of the site. This plugin is enabled by default. The plugin’s dialogue is shown in Figure 19.7. Note The principal file for this plugin is pagenavigation.php. The plugin Parameters section contains only one option: Position. The default setting is Below, which results in the Page Navigation being displayed below the article text. Set it to Above to move the display to the top, over the article text. FIGURE 19.7 The Content - Page Navigation plugin dialogue. Part III: Working with Components, Modules, and Plugins 464 Note If you want to hide this feature on your articles, it is not necessary to disable to the plugin, although that is one option. The easiest way to control this feature is through the site’s Global Configuration and through the parameters associated with menu items. Rating The Ratings plugin enables the article ratings functionality in Joomla! This plugin is enabled by default. The plugin’s dialogue is shown in Figure 19.8. Note The principal file for this plugin is vote.php. There are no parameters associated with this plugin. FIGURE 19.8 The Content - Rating plugin dialogue. Chapter 19: Working with Plugins 465 Note If you want to hide this feature on your articles, it is not necessary to disable to the plugin, athough that is one option. The most flexible way to control this feature is through the site’s Global Configuration and through the parameters associated with menu items. Email Cloaking The Email Cloaking plugin provides your site with a measure of protection against SPAM spiders and bots that try to harvest unprotected e-mail addresses from web sites. The plugin works by hid- ing e-mail addresses in content items. This plugin is enabled by default. The plugin’s dialogue is shown in Figure 19.9. Note The principal file for this plugin is emailcloak.php. FIGURE 19.9 The Content - Email Cloaking Plugin dialogue. Part III: Working with Components, Modules, and Plugins 466 The plugin Parameters section contains only one control: Mode. This parameter determines the techniques used to hide the e-mail address. The default, As linkable mailto address, uses JavaScript to hide the e-mail address from spiders and bots, yet still allow the address to be functional and clickable. The other options, Non-linkable Text, simple converts the e-mail address to text and strips out any link to the e-mail functionality. Tip If you want to disable cloaking selectively, you can do so by inserting anywhere in the article the following tag {emailcloak=off} Code Highlighter (GeSHi) The Code Highlighter Plugin adds GeSHI style formatting to any code you display to visitors on your site. This plugin is useful where your articles on your site include samples of code displayed in the article for viewers to see. GeSHI makes the code more readable by adding standardized code formatting to the text. This plugin is disabled by default; if you want to use it you must enable it. The plugin’s dialogue is shown in Figure 19.10. FIGURE 19.10 The Content - Code Highlighter (GeSHi) Plugin dialogue. Chapter 19: Working with Plugins 467 Note The principal file for this plugin is geshi.php. There are no parameters associated with this plugin. Load Module The Load Module plugin enables you to add modules inside of the content area of articles. This plugin exists in the default system and is enabled. The plugin’s dialogue is shown in Figure 19.11. Cross-Reference See Chapter 7 for more on working with modules inside of articles. Note The principal file for this plugin is loadmodule.php. FIGURE 19.11 The Content - Load Module plugin dialogue. [...].. .Part III: Working with Components, Modules, and Plugins The plugin Parameters section contains two options: l Enable Plugin: Set this control to Yes to enable the plugin Note that this control is redundant... the system is set to No Editor, then content creation is done in a plain text interface, where the content creator needs to add HTML tags to achieve formatting; it is the most basic editing option in Joomla! The plugin’s dialogue is shown in Figure 19.13 469 . alternative authentication. The Authentication - Joomla Plugin dialogue is shown in Figure 19 .3. FIGURE 19 .3 The Authentication - Joomla Plugin dialogue. Chapter 19 : Working with Plugins 459 Note The principal. largely due to the number of options that exist on both sides of the equation — the LDAP server and the Joomla! CMS. There also exist several third-party extensions that can be added to your system. code formatting to the text. This plugin is disabled by default; if you want to use it you must enable it. The plugin’s dialogue is shown in Figure 19 .10 . FIGURE 19 .10 The Content - Code Highlighter