I've added my latest LDAP Authentication patch to bugzilla:
http://bugzilla.wikipedia.org/show_bug.cgi?id=814
I will update my corresponding documentation to match the current patch
level.
This documentation is located here:
http://meta.wikimedia.org/wiki/LDAP_Authentication
Is this still being considered to be added to mediawiki 1.5? I'm almost
positive
all of the changes to the core code that are required for all of my planned
functionality have been added. Almost all of the changes that were made were
hooks, the rest were for security. If there are any required changes,
bugfixes,
or security concerns, let me know.
At this time, the LDAP patch has support for:
* Simple authentication through SSL using direct binds, or
proxy-authentication
** Note: proxy authentication is not currently working using multiple
domains.
Also, you will not be able to add LDAP users when using proxy authentication
yet. This will be added next version.
* Storage/Retrieval of some user preferences
* Ability to add new users to LDAP from Mediawiki
* Ability to change LDAP passwords through Mediawiki
* Ability to mail a temporary password so that users can change their LDAP
password
* Ability to do all of the above on multiple domains (including the local
database)
Future versions will eventually have the following functionality:
* A custom schema for LDAP
* Access control using security groups (Authentication only)
* Ability to use smart cards, or CAC cards to login to mediawiki using
certificates
* Ability to use LDAP as a complete backend for user information using a
single,
or multiple domains (or a combination of LDAP and the local database as
cache or
backup)
If anyone can think of other features that should be added, let me know.
V/r,
Ryan Lane
NAVOCEANO