On 3/9/07, Guilhem Bonnefille guilhem.bonnefille@gmail.com wrote:
In such environment, my need for the "login" stage is only to identify people. I do not need them to authenticate (no need to password). The need is to know who made what, in a "confident" world.
Identification implies authentication. Otherwise, how do you distinguish between the real PersonA and PersonA's malicious impersonator?
Is it possible to configure MediaWiki to only require a login (without password) and only check that this login exists in a LDAP database?
It's _possible_ - though IMO this is a bad idea. Why not just use the LDAP authentication extension?
http://meta.wikimedia.org/wiki/LDAP_Authentication
On 3/9/07, Thomas Dalton thomas.dalton@gmail.com wrote:
Is it possible to configure MediaWiki to only require a login (without password) and only check that this login exists in a LDAP database?
You could instruct everyone to register with (or register for them with) an empty password ("") (or remove the password box from the signup page and hardcode it to ""), it seems they are allowed by default ($wgMinimalPasswordLength = 0 is the default). You could probably go in and remove the password box on the logon form (or setting it to hidden might be easier) as well.
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l