I am using this as the authentication method for the Case Wiki (http://wiki.case.edu). My solution consists of a custom $wgAuth mechanism (to populate the accounts from LDAP info) and a nifty login trick. First, I use a rewrite to send all login requests to two special scripts. The user first gets redirected to /login/ index.php. This script just saves a session variable recording the page referrer. It then sends a redirect to a PubCookie protected page. This script creates a HTTP request and submits the login info to MediaWiki via fake form submission (I am using PEAR's HTTP_Request package). The response to this request contains cookies. These cookies are set on the client side. Finally, the user is redirected to the original page. There are some other steps in there to improve security. If you need me to go into any further detail, I can. In addition, I made some minor changes to the actual MediaWiki code to remove unneeded abilities.

Gregory Szorc gregory.szorc@case.edu

On Jul 29, 2005, at 9:00 AM, Mark Cunningham wrote:

I've been trying to get MediaWiki 1.4.7 to use PubCookie (http://www.pubcookie.org/) as the authentication mechanism via the includes/AuthPlugin.php.

Has anyone managed to this already or know how to do ir?

Thanks Mark -- http://thedeadone.net _______________________________________________ MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l