Hi,
"Local" users are on an identified network address range (via .htaccess)
and "remote" users are anyone who's not "local." In both cases
they have
accounts. The problem is Apache won't pass REMOTE_USER if the directory is
considered to not require auth, which I need to have the site read-only for
logged in local users. The only thing I've been able to come up with is to
duplicate the MW instance using the same database at a different locations,
but that means people will be using different URLs. I also set up a scheme
where a directory requiring htauth login stores REMOTE_USER in a session
variable then bounces them back, but it required further hacks and I'd
prefer something cleaner.
David
On 7 September 2013 06:07, Виталий Филиппов <vitalif(a)yourcmc.ru> wrote:
Hi David! What do you exactly mean by
"local" and "remote" users? Where do
either of them really have accounts?
david mason <vid_wikimedia_enterprise(a)zooid.org> пишет:
Hi all,
I've been hacking at this for a while and hoping someone has solved it.
I am trying to set up MediaWiki with LDAP so users from a remote network
must log in, but it's optional on the local network. I don't want users to
have to log in twice, so I set up Extension:AutomaticREMOTE_USER (htauth) which
works well for remote users, but I can't determine a good way to permit
login for local users in the same instance.
I've tried a variety of hacks, including setting a directory where the
local user must log in then directing them back, but Apache won't pass
REMOTE_USER in the MW directory for a local user, and other hacks are all
ugly in one way or another. Does anyone have any ideas?
Thanks!
David
------------------------------
Mediawiki-enterprise mailing list
Mediawiki-enterprise(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-enterprise
_______________________________________________
Mediawiki-enterprise mailing list
Mediawiki-enterprise(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-enterprise