I am very thankful you can reply me, but your solution looks not comfort me. I am using a Central Auth System to manage all user authcation. So when user are authenticated by this system, they should be logged in Mediawiki automatically. The system would access a .php file in Mediawiki such like http://wiki.xxxxx.org/myapi.org . So I must use this file to set mediawiki session. Could you tell me how to do? thx!
Does your central system require you to access a php file like that, or is this an arbitrary requirement that you believe you need? If this isn't really a requirement, you'll want to write an auto-authentication plugin that verifies the credentials from the central system, and creates a session in MediaWiki. This plugin should also create users when they access the wiki as well.
Here's an example of an auto-authentication plugin:
http://svn.wikimedia.org/viewvc/mediawiki/trunk/extensions/LdapAuthenticatio n/LdapAutoAuthentication.php?view=markup
This plugin assumes you have a regular authentication plugin doing something as well. Here's one that is standalone:
http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER
Note that in both of these, the user is assumed to have already logged into the central authentication system, and the web server is handling the actual authentication. Here's an extension that changes the login and logout links to redirect to the central system (warning, it is CDDL licensed, which is incompatible with the GPL!):
http://blogs.sun.com/superpat/entry/opensso_single_sign_on_extension
Respectfully,
Ryan Lane