Hi all,
I am trying to implement a single sign-on system so that users of our site can register once and then edit our wiki and post to our phpBB forums without having to re-register and re-login. I have the phpBB side of it working pretty well, but I'm having problems with my MediaWiki authentication plugin, and I was hoping someone might be able to point me in the right direction.
By way of background, my knowledge of PHP is pretty limited - Python, Java and C# are where my experience lies.
In order to implement the plugin, I started with Jeremiah Orem's HttpAuth extension and switched the references to $_SERVER['PHP_AUTH_USER'] so that they looked at the "screenName" field on my own user objects, which I had stored in the PHP $_SESSION global .
My problem is that the user objects are not visible from the AutoAuthenticate hook that I've written.
My existing login page stores the ResolverUser object in the session with this code:
function SetLoggedInUser($user) { session_start(); $_SESSION['resolveruser'] = $user; } * *I register the AutoAuthenticate hook like this (in LocalSettings.php):
require_once("$IP/extensions/ResolverAuthPlugin.php"); $wgAuth = new ResolverAuthPlugin(); $wgHooks['AutoAuthenticate'][] = array($wgAuth,'autoAuthenticate');
In the autoAuthenticate method of ResolverAuthPlugin, I call a function to get the user so that I can create a MediaWiki user if necessary:
function GetLoggedInUser() { session_start(); return $_SESSION['resolveruser']; }
But the user I get back is null. If I go to any other page that calls the GetLoggedInUser() function, I get the correct value back, so I know it's there. Perhaps there's some scoping issue with session values that I don't understand? I am also suspicious of my multiple calls to session_start(), but they've been there for a while and haven't caused problems before...
Any hints or tips would be much appreciated; if this is off-topic for the list, my apologies and I'd be grateful to hear where the right place for questions like this is.
Regards,
Giles
What system do you have?
2007/11/21, Giles Thomas giles.thomas@resolversystems.com:
Hi all,
I am trying to implement a single sign-on system so that users of our site can register once and then edit our wiki and post to our phpBB forums without having to re-register and re-login. I have the phpBB side of it working pretty well, but I'm having problems with my MediaWiki authentication plugin, and I was hoping someone might be able to point me in the right direction.
By way of background, my knowledge of PHP is pretty limited - Python, Java and C# are where my experience lies.
In order to implement the plugin, I started with Jeremiah Orem's HttpAuth extension and switched the references to $_SERVER['PHP_AUTH_USER'] so that they looked at the "screenName" field on my own user objects, which I had stored in the PHP $_SESSION global .
My problem is that the user objects are not visible from the AutoAuthenticate hook that I've written.
My existing login page stores the ResolverUser object in the session with this code:
function SetLoggedInUser($user) { session_start(); $_SESSION['resolveruser'] = $user; }
*I register the AutoAuthenticate hook like this (in LocalSettings.php):
require_once("$IP/extensions/ResolverAuthPlugin.php"); $wgAuth = new ResolverAuthPlugin(); $wgHooks['AutoAuthenticate'][] = array($wgAuth,'autoAuthenticate');
In the autoAuthenticate method of ResolverAuthPlugin, I call a function to get the user so that I can create a MediaWiki user if necessary:
function GetLoggedInUser() { session_start(); return $_SESSION['resolveruser']; }
But the user I get back is null. If I go to any other page that calls the GetLoggedInUser() function, I get the correct value back, so I know it's there. Perhaps there's some scoping issue with session values that I don't understand? I am also suspicious of my multiple calls to session_start(), but they've been there for a while and haven't caused problems before...
Any hints or tips would be much appreciated; if this is off-topic for the list, my apologies and I'd be grateful to hear where the right place for questions like this is.
Regards,
Giles
-- Giles Thomas MD & CTO, Resolver Systems Ltd. giles.thomas@resolversystems.com +44 (0) 20 7253 6372
17a Clerkenwell Road, London EC1M 5RD, UK VAT No.: GB 893 5643 79 Registered in England and Wales as company number 5467329. Registered address: 843 Finchley Road, London NW11 8NA, UK
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Reizer Gábor wrote:
What system do you have?
Hi Reizer,
It's MediaWiki 1.11.0 running on a Debian machine. PHP details (from php --version):
PHP 5.2.0-8+etch7 (cli) (built: Jul 2 2007 20:43:26) Copyright (c) 1997-2006 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2006 Zend Technologies
MySQL version 5.
Regards,
Giles
2007/11/21, Giles Thomas giles.thomas@resolversystems.com:
Hi all,
I am trying to implement a single sign-on system so that users of our site can register once and then edit our wiki and post to our phpBB forums without having to re-register and re-login. I have the phpBB side of it working pretty well, but I'm having problems with my MediaWiki authentication plugin, and I was hoping someone might be able to point me in the right direction.
By way of background, my knowledge of PHP is pretty limited - Python, Java and C# are where my experience lies.
In order to implement the plugin, I started with Jeremiah Orem's HttpAuth extension and switched the references to $_SERVER['PHP_AUTH_USER'] so that they looked at the "screenName" field on my own user objects, which I had stored in the PHP $_SESSION global .
My problem is that the user objects are not visible from the AutoAuthenticate hook that I've written.
My existing login page stores the ResolverUser object in the session with this code:
function SetLoggedInUser($user) { session_start(); $_SESSION['resolveruser'] = $user; }
*I register the AutoAuthenticate hook like this (in LocalSettings.php):
require_once("$IP/extensions/ResolverAuthPlugin.php"); $wgAuth = new ResolverAuthPlugin(); $wgHooks['AutoAuthenticate'][] = array($wgAuth,'autoAuthenticate');
In the autoAuthenticate method of ResolverAuthPlugin, I call a function to get the user so that I can create a MediaWiki user if necessary:
function GetLoggedInUser() { session_start(); return $_SESSION['resolveruser']; }
But the user I get back is null. If I go to any other page that calls the GetLoggedInUser() function, I get the correct value back, so I know it's there. Perhaps there's some scoping issue with session values that I don't understand? I am also suspicious of my multiple calls to session_start(), but they've been there for a while and haven't caused problems before...
Any hints or tips would be much appreciated; if this is off-topic for the list, my apologies and I'd be grateful to hear where the right place for questions like this is.
Regards,
Giles
-- Giles Thomas MD & CTO, Resolver Systems Ltd. giles.thomas@resolversystems.com +44 (0) 20 7253 6372
17a Clerkenwell Road, London EC1M 5RD, UK VAT No.: GB 893 5643 79 Registered in England and Wales as company number 5467329. Registered address: 843 Finchley Road, London NW11 8NA, UK
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
mediawiki-l@lists.wikimedia.org