Re: [Mediawiki-l] Name and Password from PHP_AUTH

Hi Anthony I realize this is much, much, later, but I thought a late response might be better than no response. The Mediawiki authentication code is twisted and complex, and also changed a lot (for the better!) with 1.4. So when my group upgraded, I scrapped the modifications I had made. Instead, I used mod_auth_mysql in apache to check auth-basic credentials against the wiki's user table. Here are the apache <Directory> blocks I use to do it: <Directory /var/www/html/wiki> SSLRequireSSL Order allow,deny Satisfy Any Allow from all </Directory> <Directory /> SSLRequireSSL # SSLRequire %{SSL_CIPHER_USERKEYSIZE}>=128 Order deny,allow Deny from all AuthName "Members Only" AuthType Basic AuthMySQLHost localhost AuthMySQLUser dbusername AuthMySQLPassword dbpassword AuthMySQLDB wikidb1 AuthMySQLUserTable user AuthMySQLNameField user_name AuthMySQLPasswordField user_password AuthMySQLMD5Passwords On AuthMySQLNoPasswd Off AuthMySQLAuthoritative On AllowOverride AuthConfig Require valid-user </Directory> This makes the wiki rely on it's own authentication for security, but protects the rest of the site with the same logins. So, you do need to make some changes to the wiki's configuration. This is a good starting point for info on how to do this: http://meta.wikimedia.org/wiki/Preventing_Access You will also need to remove the salting algorithm that mediawiki uses to increase the security of their password by adding this to the LocalSettings.php file: # So that mod_auth_mysql can understand passwords too $wgPasswordSalt = false; This WILL invalidate all your passwords! But, now people can manage their access to the site using MediaWiki's account creation tools. So they can have the wiki mail them a temporary password, if it has their email. I'll copy to the list as well, as a few similar questions have been generated by that post. On 8/17/05, Anthony McKernan &lt;Anthony.McKernan(a)newcastle.ac.uk&gt; wrote: -- David Cameron University of British Columbia http://bar.psych.ubc.ca/People/Dave.html