Dear all,
I'm trying to casify mediawiki as per instructions on
http://kellinwood.blogspot.com/2009/01/casify-mediawiki-with-phpcas.html
Now, I'm running into a problem that might (or might not?) be what is
mentioned in the user comment at the end of the page (wpLoginToken against
CSRF)
Currently, I've been able to get it to the point where CAS is up and
running, connected to an MSAD server, and authenticating properly. Mediawiki
is running fine with local accounts.
When I enable the casifying changes however, mediawiki properly redirects me
to the cas login page, cas properly authenticates me and sends me back to
mediawiki, but mediawiki then is stuck on Special:Userlogin.
Clicking the login link again from the Special:Userlogin page I see only
keeps me there (I am not even redirected to cas).
Any thoughts on how this can be fixed are most appreciated.
Best, Chris
PS: I'm using a localized version of MediaWiki, so Special:Userlogin is
called Speciaal:Aanmelden and Special:Userlogout is Speciaal:Afmelden
Changes to /etc/apache2/apache2.conf file:
---
Alias /wiki /var/www/mediawiki/index.php
<Directory />
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/mediawiki/index.php$
RewriteCond %{QUERY_STRING} ^title=Speciaal:Aanmelden
RewriteCond %{REQUEST_METHOD} ^GET$
RewriteRule ^(.*)$ /mediawiki/login/cas1.php [R,L]
RewriteCond %{REQUEST_URI} ^/mediawiki/index.php$
RewriteCond %{QUERY_STRING} ^title=Speciaal:Afmelden
RewriteCond %{REQUEST_METHOD} ^GET$
RewriteRule ^(.*)$ /mediawiki/login/cas2.php?logout [R,L]
</Directory>
---
Changes to LocalSettings.php
---
# CAS
require_once "$IP/extensions/CasAuthentication.php";
$wgAuth = new CasAuthPlugin();
$casServerHostname = 'myserver.mydomain.nl';
$casServerPort = 8443;
$casServiceURI = '/cas';
$wgLoginFormKey = "tU2HfXYkf6jc454SYqke"; // Random key, change this
$wgGroupPermissions ['*']['read']=false;
$wgGroupPermissions ['*']['edit']=false;
$wgGroupPermissions ['*']['createaccount']=false;
$wgWhitelistRead = array("Speciaal:Aanmelden");
---
Files extensions/CasAuthentication.php and login/cas1.php and login/cas2.php
are exactly as given on the site linked above.
Met vriendelijke groet,
Christian C. Schouten