All,
Another quick question concerning authentication in Mediawiki. It would apear as though we are seeking a system where the user doesn't need a password and doesn't have to register. I do have all of the users on an LDAP server which is at my disposal. I guess two questions stem from this :
1. Is there a way for mediawiki to just ask the user a username and not a password without using LDAP? I know that sounds wierd.... but it's kinda the end goal. 2. If I use LDAP is there a way to just tell it always to accept the PW without botherin to check if it's right? 3. My only other idea is to enable httpauth and figure out how to leave the auth open..
The wiki is on a private network FYI so security isn't really an issue.
Another quick question concerning authentication in Mediawiki. It would apear as though we are seeking a system where the user doesn't need a password and doesn't have to register. I do have all of the users on an LDAP server which is at my disposal. I guess two questions stem from this :
- Is there a way for mediawiki to just ask the user a
username and not a password without using LDAP? I know that sounds wierd.... but it's kinda the end goal. 2. If I use LDAP is there a way to just tell it always to accept the PW without botherin to check if it's right? 3. My only other idea is to enable httpauth and figure out how to leave the auth open..
The wiki is on a private network FYI so security isn't really an issue.
You could write an auth plugin that always returns true in the authenticate function.
You may also be able to use this extension:
http://www.mediawiki.org/wiki/Extension:NetworkAuth
I'm not totally sure it will fufill your purpose though.
V/r,
Ryan Lane
I just did a lot of digging, looks like my best bet is to use an Http Auth extension and figure out how to just not have it check a password. There are a couple extensions out there that claim to accomplish this but they seem to fail. I don't have a whole lot of experiance in PHP or I'd code it myself. I was hopeing someone had an idea on how to do it with existing code.
My idea is to make it so when a user logs in they need no password and if they don't have an account one is created for them. Any other ideas ?
Thanks for your advice, it got me going on this !
I just did a lot of digging, looks like my best bet is to use an Http Auth extension and figure out how to just not have it check a password. There are a couple extensions out there that claim to accomplish this but they seem to fail. I don't have a whole lot of experiance in PHP or I'd code it myself. I was hopeing someone had an idea on how to do it with existing code.
My idea is to make it so when a user logs in they need no password and if they don't have an account one is created for them. Any other ideas ?
Thanks for your advice, it got me going on this !
A custom authentication plugin is probably the easiest way to go. Really, this is pretty simply to do...
In a file called "NoAuthPlugin.php":
<?php /** */ # Copyright (C) 2004 Ryan Lane <rlane32 AtT gmail d0t com> # http://www.mediawiki.org/ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # http://www.gnu.org/copyleft/gpl.html
require_once( 'AuthPlugin.php' );
class NoAuthPlugin extends AuthPlugin { function userExists( $username ) { return true; }
function authenticate( $username, $password ) { return true; }
function modifyUITemplate( &$template ) { $template->set( 'usedomain', false ); $template->set( 'ignorepassword', true ); }
function setDomain( $domain ) { $this->domain = $domain; }
function validDomain( $domain ) { return true; }
function updateUser( &$user ) { return true; }
function autoCreate() { return true; }
function allowPasswordChange() { return false; }
function setPassword( $user, $password ) { return true; }
function updateExternalDB( $user ) { return true; }
function canCreateAccounts() { return false; }
function addUser( $user, $password, $email='', $realname='' ) { return true; }
function strict() { return false; }
function initUser( $user, $autocreate=false ) { }
function getCanonicalName( $username ) { return $username; }
} ?>
Now patch the Userlogin.php template in includes/templates:
--- Userlogin.php.old 2008-06-20 13:32:04.000000000 -0500 +++ Userlogin.php 2008-06-20 13:41:51.000000000 -0500 @@ -40,6 +40,7 @@ value="<?php $this->text('name') ?>" size='20' /> </td> </tr> + <?php if( !$this->data['ignorepassword'] ) { <tr> <td align='right'><label for='wpPassword1'><?php $this->msg('yourpassword') ?></label></td> <td align='left'> @@ -48,6 +49,7 @@ value="" size='20' /> </td> </tr> + <?php } ?> <?php if( $this->data['usedomain'] ) { $doms = ""; foreach( $this->data['domainnames'] as $dom ) {
Now set the following in LocalSettings.php:
require_once( 'extensions/NoAuthPlugin.php' ); $wgMinimalPasswordLength = 0;
Now when users click the login button, it should only show a username box; when the user logs in for the first time, it'll automatically create an account for them.
Btw, if the format of the email gets botched (which is likely), email me directly, and I can send you attachments.
V/r,
Ryan Lane
Hi,
when you want to use MW with the mod_auth_sspi Module, there are some Problems with Posting Data in Wiki. There is also a Bugreport on Sourceforge about this. I first also used this Apache Module, but after several Problems uploading or editing Pages I turned around to http://www.mediawiki.org/wiki/Ldap
And this LDAP Extension in use by 2 Wikis from me.... I never had any Problem.
-----Ursprüngliche Nachricht----- Von: mediawiki-l-bounces@lists.wikimedia.org [mailto:mediawiki-l-bounces@lists.wikimedia.org] Im Auftrag von Jon Welters Gesendet: Freitag, 20. Juni 2008 15:58 An: MediaWiki announcements and site admin list Betreff: [Mediawiki-l] Authentication
All,
Another quick question concerning authentication in Mediawiki. It would apear as though we are seeking a system where the user doesn't need a password and doesn't have to register. I do have all of the users on an LDAP server which is at my disposal. I guess two questions stem from this :
1. Is there a way for mediawiki to just ask the user a username and not a password without using LDAP? I know that sounds wierd.... but it's kinda the end goal. 2. If I use LDAP is there a way to just tell it always to accept the PW without botherin to check if it's right? 3. My only other idea is to enable httpauth and figure out how to leave the auth open..
The wiki is on a private network FYI so security isn't really an issue.
-- Thank You and Sincerely, Jon _______________________________________________ MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
mediawiki-l@lists.wikimedia.org