Hi everyone,
I am having currently to manage a big project that will relies on MediaWiki. Basically I have a linux server (let's call it Pserv for Primary) with many people having an account on it and those people will be the 'wiki' users. For security reasons (PHP), mediawiki lies on a different machine (let's call it Wserv for Wiki).
The project requires the wiki modifications to be restricted to the people having an unix account on Pserv, and all modification should be systematically authentified with the Pserv login. If an account is erased on Pserv, then the associated user should not be able to modify the wiki on Wserv any more.
Some thoughts: - there are a lot of people (several thousands) to handle. Dupplicating on Wserv the user management already done for Pserv is not a reasonnable option. - the authentification scheme of MediaWiki will have to be modified. The idea is somehow to delegate the authentification task to Pserv (also handling the case where a MediaWiki account needs to be created).
Question: how do I achieve that? Has anyone any experience with such a situation?
Joannès
On Jan 17, 2005, at 4:46 AM, Joannes Vermorel wrote:
- the authentification scheme of MediaWiki will have to be modified.
The idea is somehow to delegate the authentification task to Pserv (also handling the case where a MediaWiki account needs to be created).
1.4 has an experimental authentication plugin system for precisely this kind of thing. Create a child class of AuthPlugin (see AuthPlugin.php) and override some methods. Set $wgAuth to an instance of this class.
It's not well documented as it's new and experimental and no one's really _used_ it at this point. It may need further work to really do what's necessary.
-- brion vibber (brion @ pobox.com)
wikitech-l@lists.wikimedia.org