It's not clear that multiple MediaWiki's _can_ share the same user cookie if you are using the login code as-shipped.
Each wiki has its own user table and its own user tokens. If you log in to one wiki (say, "W1"), it puts a token in your cookie and writes it in its W1 user table. When you go to another wiki ("W2"), it checks your token from the cookie and ... Doesn't find it in _its_ user table. When the token is not found, you are not considered to be logged in. So you have to log in to W2. W2 generates a new token, and writes the token in the cookie. Now suppose you go back to W1. W1 checks your token from the cookie -- but the new W2 token isn't in _its_ (W1) user table. So you have to log in again to W1.
Mashing the code to use the same user table for different wikis is well beyond _my_ appetite for punishment, but you may feel differently.
If you really want single signon, check out Gregory Szorc's comments earlier today (as replayed by Matt England):
At 3/25/2006 11:30 AM, Gregory Szorc wrote:
There are multiple ways to implement single sign-on (SSO). The way you describe, a user goes to a URL, signs in, and gets logged in to other applications right there and then using HTTP calls on behalf of a user. This is pretty insecure and a pain to implement. It also doesn't scale very well.
Another way to implement single sign-on is with a single sign-on server, which has a single sign-on protocol. When a user logs in to any application using SSO, they get whisked away to the SSO server. If they aren't logged in to the server, they get prompted for their credentials. When they are logged in, they get signed in to the desired application.
As for SSO servers, I recommend CAS (http://www.ja-sig.org/products/cas/). It has clients for almost every language, including PHP, and the protocol is simple enough to create clients in other languages. I have successfully deployed MediaWiki behind it. It shouldn't be difficult getting it to work with the other applications either.
Gregory Szorc gregory.szorc@case.edu
-- Joshua
On 3/24/06 2:18 PM, "Sy Ali" sy1234@gmail.com wrote:
I've got some issues with multiple wikis timing out and forcing multiple logins throughout the day. They're all hosted on the same machine in different subdirectories (for various reasons).
I do recall that there is some functionality to tweak how these wikis create their cookies.. in theory they could all share the same one. I'm not sure where to begin looking for the answers so I thought I'd ask. _______________________________________________ MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l