[Mediawiki-l] How to automate single-sign-on across multiple apps?

Matt England mengland at mengland.net
Sat Mar 25 05:24:08 UTC 2006


How to automate single-sign-on across multiple apps...on the MediaWiki-side 
of things?


My project is making a collaboration web server that includes MediaWiki, 
Bugzilla, phpBB forums, and other web-base applications.

We are trying to make our own single-login mechanism for all these 
apps.  We appear to have an LDAP-based "back end" account database working 
for the above apps, and we think we can make our own "one-stop" 
registration page form where a user can register once and instantly get 
accounts on all the above apps.

The trickier part:

How can we make a one-stop *login* page (different from registration page) 
that can automatically login said user to all the above apps, so they don't 
have to login manually to each one separately?

We presume we have to provide some sort of automation to make the above 
apps auto-download cookies to the client browser for each app.

A coworker of mine suggested some sort or "front end" form that passes 
login/password parameters to the "back end" forms to do this, 
automatically.  I think he referred to this as "screen scraping" (although 
I'm not sure of the nature or the meaning of that term).  Further, I'm not 
sure I'm thrilled about having the password flying inside my server via a 
URL, but alas it's a SSL-wrapped session, so maybe it doesn't matter.

In any case, I'm looking for suggestion on how to do this for MediaWiki.

Thanks for any help,

More information about the MediaWiki-l mailing list