We posted some questions for needed information / details some time ago:
The questions remain open. The questions are as follows:
1) How do we provision new UBB.threads accounts correctly since Drupal will be driving, and we will not be creating users via the UBB admin area?
2) What is the syntax for the magic cookie (That will indicate to UBB.threads that the user is logged into UBB.threads.) that Drupal should set when a Drupal login event happens successfully?
3) Is there a way to sync UserIDs and Passwords between Drupal and UBB? The front door will be mandatory Drupal and users will not be able to log into UBB. So could we possibly blank out the ability to log in via UBB? Perhaps blank out the UBB password in the database?
4) Syntax for adjusting that cookie when a Drupal logout event occurs so UBB.threads no longer thinks the user is properly authenticated.
Adding an account is adding the corrent userinfo to ubbt_USER* tables. You need to add an entry to each of those tables. The userdata is spread between tables.
2)
Have a look in /admin/loginas.php
3)
No real need to sync, you can just set a random password in the ubb database and put that one in the cookie.
To follow up on #3 then. How can we prevent UBB.threads logins and enforce Drupal as the front door?
Do I assume correctly that all UBB.threads password checking is bypassed via having the magic cookie present and properly prepared, so possibly just replace the current UBB.threads passwords with random junk, or...?
Preventing ubb.threads logins can be as simple as disabling the loginscreen. The login link in ubb I think is something you want to replace with a drupal link anyway.
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.