Hi all,
I am trying to implement a single sign-on system so that users of our site can register once and then edit our wiki and post to our phpBB forums without having to re-register and re-login. I have the phpBB side of it working pretty well, but I'm having problems with my MediaWiki authentication plugin, and I was hoping someone might be able to point me in the right direction.
By way of background, my knowledge of PHP is pretty limited - Python, Java and C# are where my experience lies.
In order to implement the plugin, I started with Jeremiah Orem's HttpAuth extension and switched the references to $_SERVER['PHP_AUTH_USER'] so that they looked at the "screenName" field on my own user objects, which I had stored in the PHP $_SESSION global .
My problem is that the user objects are not visible from the AutoAuthenticate hook that I've written.
My existing login page stores the ResolverUser object in the session with this code:
function SetLoggedInUser($user) { session_start(); $_SESSION['resolveruser'] = $user; } * *I register the AutoAuthenticate hook like this (in LocalSettings.php):
require_once("$IP/extensions/ResolverAuthPlugin.php"); $wgAuth = new ResolverAuthPlugin(); $wgHooks['AutoAuthenticate'][] = array($wgAuth,'autoAuthenticate');
In the autoAuthenticate method of ResolverAuthPlugin, I call a function to get the user so that I can create a MediaWiki user if necessary:
function GetLoggedInUser() { session_start(); return $_SESSION['resolveruser']; }
But the user I get back is null. If I go to any other page that calls the GetLoggedInUser() function, I get the correct value back, so I know it's there. Perhaps there's some scoping issue with session values that I don't understand? I am also suspicious of my multiple calls to session_start(), but they've been there for a while and haven't caused problems before...
Any hints or tips would be much appreciated; if this is off-topic for the list, my apologies and I'd be grateful to hear where the right place for questions like this is.
Regards,
Giles