[Mediawiki-l] AuthPlugin examples for Single Sign-on?

[Owen B. Mehegan]

On Tue, 24 Aug 2010 14:26:40 -0500, Ryan Lane <rlane32 at gmail.com>
wrote:
> Is the web server handing this authentication, or does your plugin
> need to handle it?

My plugin is already handling it. If you hit the wiki, it checks to see
if you are logged in to our system. If you are, it checks that you have
the right role to allow wiki access, and if so it sends you back there,
all transparently. If you are not logged in, it takes you to our login
page, away from the wiki entirely, then sends you back there once you
auth and it confirms you have the right role. 

> It is really better to look at working examples. The examples you want
> to look at really depend on the answer to my first question...

Yeah I agree, that's what I was hoping someone could suggest.

> If your plugin needs to handle it, you should take a look at the CAS
> authentication extension:
> 
> http://www.mediawiki.org/wiki/Extension:CASAuthentication
> 
> This plugin redirects the user to the SSO server when clicking on the
> login/logout link, checks the info from the server, and allows/denies
> access accordingly.

This looks promising, and I don't think I had seen it yet, so thank
you! In thinking about it more, I almost feel like at this point if I
could just get some example code for functions to create a MW account if
necessary, and then log that account in, I could bolt those onto my
existing plugin and I'd be all set. Based on what I have now, after the
successful authentication and role check, I just need 'userExists,'
'createUser,' and logInUser' type functions which all apply to the
MediaWiki side. If you have suggestions of things I can look at in that
area specifically, that would be great. Thank you!

-- 
Owen B. Mehegan (owen at nerdnetworks.org)
"He is a dangerous mixture of sophistication and recklessness which
makes one anxious about his influence on other boys."