We completed 'Auto_Login_via_REMOTE_USER' method only to realize our
intranet search engine can't index pages of a wiki in an SSO protected
folder. So I've pieced code from Otheus:REMOTE_USER and Greg's
CASEwiki solutions to create a skeleton Login script at bottom.
If anyone could review the code and provide input, it would be greatly
appreciated. I've scrutenized everything I can find in
Meta,CaseWiki,mediawiki-l and can't figure out why it won't complete
the login of a $username that is known ($u->getId returns '13').
At the main page, I click Log in, get routed to SSO, enter
credentials, returned to main page, but the username doesn't appear on
the page (not logged in)????
The Otheus solution assumed the header variable is set (SSO for us)
before viewing any page. Greg Scorz's solution allows for anonymous
browsing (and search engine crawling) the the user actively logs in.
Is it possible to take the Otheus Hook and implement it as a separate
script that the user can be directed to from a successful SSO page?
Unique features and debugging have been removed for easier review.
Thanks in advance for any input,
Brian
------
<?php
/*
this script must be placed in an SSO-protected folder
Anonymous user attempted MW login. ISAPI_Rewrite.dll filter
redirected *Special:Userlogin* request to InitLogin.php
which captured refferer data then redirected to this script.
The SSO webgate filter intercepted the request and redirected
to SSO challenge. Successful SSO directs the browser
and supplies user data in header variables like HTTP_UID
This script gets username from header variables and checks
to see if username exists in MW.
IF so, login.
If not, create new user.
*/
session_start();
define('MEDIAWIKI', true);
require_once('..\LocalSettings.php');
require_once('..\includes\Defines.php');
require_once('..\includes\Setup.php');
global $wgUser, $wgRequest, $_REQUEST, $_SERVER;
//save url of page user clicked 'login' from
$redirect = $_SESSION['http_referrer'];
unset($_SESSION['http_referrer']);
// Do nothing if MW session is already valid
$wgUser = User::loadFromSession();
if ($wgUser->isLoggedIn()) {
die("A session is already valid");
}
//set up PHP session
if ( !$wgCommandLineMode && !isset( $_COOKIE[session_name()] ) ) {
User::SetupSession();
}
//set the login username
$username = $_SERVER['HTTP_OBLIX_UID'];
//set instance of user
$u = User::newFromName( $username );
$wgUser = $u;
// check user exists in MW
if ($u->getId() != 0) {
//Username is known so login
$_REQUEST['wpName'] = $username;
$wgUser->setCookies();
$wgUser->saveSettings();
} else {
// Since username is unknown, create a user.
include '..\includes\SpecialUserlogin.php';
$form = new LoginForm( $wgRequest );
$form->initUser( $wgUser );
$wgUser->saveSettings();
}
//finally redirect the user back to his original page
header("Location: $redirect");
?>