CiviCRM Community Forums (archive)

Enhancing the functionality to allow folks to use a local registration method instead of openID is potentially a good step. There have been a few requests for this. A contribution to make this happen will be welcomed by a few folks in the standalone community

lobo

maybe you could organize a group of folks who want another option and raise the funds and sponsor the development. However if needing another option is key, then not very sure why folks dont use a CMS which gives you that option (and also a lot more)

lobo

So there are a few issues to address here. I'll try to hit them all, but let me know if I miss any.

1. Problem: You want to be able to login to a CiviCRM standalone instance w/o having an Internet connection which would be required to verify your OpenID. Potential solutions: 1. Run a local OpenID provider separate from CiviCRM; 2. Implement a non-OpenID login method for this use case (and possibly others); 3. Make CiviCRM itself an OpenID provider. I personally prefer #3 as the long-term solution here, especially since it solves many other use cases too and is a natural fit for a CRM. Since it already holds lots of data on people, it would be nice if it could (optionally) turn those records into OpenIDs. If we go this route, then my goal would be to make the interface behave just like a traditional login system. So you'd just have a username and a password and they would be verified locally with no Internet connection required. Behind the scenes CiviCRM would treat this as a local OpenID, but the user need not know or care about that until the day comes that she wants to use it to authenticate on a different site, which she can do by using "http://username.civicrmsite.org/" as her OpenID (or something along those lines). What do you think?

2. Problem: OpenID is inappropriate for some users (with the implication that a CiviCRM-specific login would be better). Response: I don't think this is right. The main problem with OpenID as it is currently implemented in CiviCRM standalone, aside from the disconnected login issue, is that it doesn't make it apparent that you most likely already have one. A login you already have is certainly preferable to having to register for yet another login on yet another site you may or may not ever re-visit. CiviCRM 2.3 will have a provider selector widget that pops up and makes it much more apparent to users that they probably already have an OpenID. So hopefully this point of confusion will go away.

3. Problem: Standalone is the most limited version of CiviCRM. Response: Yes and no. It's the most recently developed version of CiviCRM, but it has most if not all of the functionality of CiviCRM *as a CRM*. When we implemented standalone, it wasn't so much a matter of exposing CiviCRM features in standalone one by one as it was making the front-end display system work w/o a CMS and then everything else was just there. Having said that, since there is no CMS involved, there is not much out-of-the-box CMS integration happening. So if having your CRM and your website work pretty closely together (for example, to display an event reg. form and a list of those already attending on your website which posts to/reads from your CRM) is important to you, then choosing CiviCRM+Drupal or CiviCRM+Joomla! might be a better choice than CiviCRM standalone. However, if you need it to work with a different CMS and/or don't have those requirements, then yes, standalone is a simpler and more appropriate choice. In my day job, I integrate our CMS (WebGUI: open source mod-perl CMS) with CiviCRM via the REST API. So there are lots of ways to do that depending on your resources and requirements.

Does that help?

most of the files in the standalone directory are involved with the authentication process

standalone was a sponsored project. the folks who paid for it had decided to use OpenID as their authentication scheme

If you want a simple table based auth scheme, any specific reason you are not using Drupal or Joomla version of CiviCRM?

lobo

rather than trying to hack the code, i would just use civicrm on drupal. You dont have to use the other features of drupal, just the user management part

in general most open source software needs to be upgraded on a regular basis to keep up with security releases / bug fixes etc. I suspect if u want to install and forget about it, it might not be a great match

lobo

its not as hard as you think (yes its a bit painful sometime)

However the advantages of a CRM integrated with a CMS is probably CiviCRM's biggest strength (IMO). The integration with drupal permissioning, views and other modules really makes the whole package a whole lot more compelling than just a CRM. my 2 cents ...

lobo

But hey, I'll quit whining, this is what open source is all about.

Have to disagree, open source is about installing/patching/upgrade/patch again

Heh heh.  I have an itch and I am going to try to scratch it.  It shouldn't be too terribly difficult to implement a password field in the user table to authenticate against...  What might be hairy is figuring out how to implement a config option to allow a "local authentication" mode so the functionality can be toggled in the admin options, then adding fields in the add/edit contact forms, login forms, etc...  Sounds fun

Unless you plan to provide a password to the vast majority of users, I'd suggest to have a separate user table (as opposed as adding a pwd field in the civicrm_contact).

Also, no need to have a web interface to choose the local auth, do like for the 3 existing, from a config value in a file.

Let us know how it goes.

X+