Login page SSO help

system · August 5, 2009, 12:58pm

mkidd7 wrote on Wednesday, August 05, 2009:

Hi,

I am attempting to use an SSO product with the login page. The conversion of the password from clear text into an encrypted password is causing problems. The SSO product attempts to automatically submit the form. This fails because the password has not been encrypted. There does not appear to be a java function that I can call via the SSO product to force the submit to occur by encrypting the password. Does anyone know if there is a particular function I can call?

The alternative would be to remove the encryption from the login page. Is this possible? This environment is not a production environment and contains no patient data, so I am not concerned about the security.

Thank you. Any help would be appreciated.

Matt

system · August 5, 2009, 8:51pm

drbowen wrote on Wednesday, August 05, 2009:

SSO product… You really are going to need to tell us more about your setup and the programs that you are using to be of much help.

PHP has built in "md5" and "crypt". But perhaps you knew that already?

I may be missing something here but you will not likely be permitted to use SSO in any electronic health record because HIPPA and "Meaningful Use" requirements going on in the future. We are discussing reworking the login page at this time so this may be a wasted effort.

Sincerely,

Sam Bowen, MD

system · August 10, 2009, 7:26pm

cfapress wrote on Monday, August 10, 2009:

Right now, in our Agency, we’re using Windows Active Directory for authentication. I put together a module for OpenEMR that you can inspect in the folder <oemr>/library/adldap. I too hoped to have a SSO feature but stopped due to time constraints and issues with Kerberos in Linux mixing with our ancient Windows 2000 server.

Be aware that the ADLDAP solution does not encrypt the password from the client browser to the server nor from the web server to the AD server. Since I’ve been the only person, that I know of, using the Active Directory integration piece it hasn’t been an issue. Until now.

Jason

mohit · November 19, 2021, 11:02am

@system @brady.miller

Hey team in openemr there is any facility for sso for my web-application.

stephenwaite · November 19, 2021, 1:19pm

Hi @mohit , there’s google signin for the dev version

Jit_Chawla · January 14, 2022, 2:42am

Hello,

Can anyone help with or at least advise on the following:

Need single sign on built with OpenEMR integrated to Azure Active Directory. User would log with their Microsoft login and it would then take them into their MS applications as well as OpenEMR. The access privileges set in Azure would be what they would get in OpenEMR. So OpenEMR ACLs must be mapped into Azure ACLs
oAuth functionality where they could use the Microsoft credentials to log into OpenEMR. Ok to have authentication token if needed.

Note that OpenEMR instance is on a 2019 Windows Server on AWS.

Understand that version 6 has LDAP but what that be sufficient for what wanted here or how can we leverage that and who can help us build the rest.

Need is immediate. Thanks!