Thanks for the input. As noted, I can't use server variable REMOTE_USER
because I'm on a physically different server than where the main site's http
auth occurs. So I have to rely on the domain cookie, which stores the
username for the main site, that is set by said main site.
So I guess my question is, should there be any inherent problems with trying
to assign the username using wiki's external authentication from a cookie,
as opposed to REMOTE_USER or LDAP, etc?
-----Original Message-----
From: mediawiki-l-bounces(a)Wikimedia.org
[mailto:mediawiki-l-bounces@Wikimedia.org] On Behalf Of Domas Mituzas
Sent: Sunday, January 08, 2006 4:59 PM
To: MediaWiki announcements and site admin list
Subject: Re: [Mediawiki-l] Authentication using existing domain cookie
Hi Justin,
The main site does log users in, and stores their
information in a
domain-wide cookie. However, to my knowledge, since the sites sit
on two
physically separate servers, I cannot use the REMOTE_USER
authentication
hack that is available on
mediawiki.org.
So basically, I'm looking for a way for Mediawiki to take the
username that
is available in the domain-wide cookie and authenticate using
that. Has
anyone seen an implementation like that or know where I can find
out how to
do that?
HEAD and 1.5 have ExternalAuth hook, which allows to bind external
authentication methods, this is example Auth class I've written as an
example (of course, more sophisticated methods can be used..):
--Domas
<?
global $wgHooks;
$wgHooks['AutoAuthenticate'][] = 'AuthServerMagic';
function AuthServerMagic(&$user) {
if ($_SERVER["REMOTE_USER"] == "") {
return new User();
}
$user = User::newFromName( $_SERVER["REMOTE_USER"] );
if ( $user->getID() == 0 ) {
$user->addToDatabase();
$user->setToken();
} else {
/* Should cache some day, I guess :) */
$user->loadFromDatabase();
}
return true;
}
?>
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)Wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l