Hello,
I am setting up a new MW 1.29 application on a secure RHEL7+Apache2+PHP5.6+MariaDB5.5 host
running in an Active Directory enterprise environment. All client browsers that will
access the wiki have user session attributes in the header authenticated by the domain.
When users visit the MW site, I would like MW to automatically log-in the users (and
create new users as needed) from the authentication information in the browser session
header. I am told by my enterprise security admins that the session header data is
compatible with Siteminder (i.e. SM_SDOMAIN, etc..)
[Q1] Will I need anything beyond PluggableAuth and PluggableSSO?
[Q2] Will I need to configure either of these for my domain or should it just work?
So far I have successfully installed PluggableAuth and PluggableSSO and added the
following to LocalSettings.php:
$wgPluggableAuth_EnableAutoLogin = true;
$wgPluggableAuth_EnableLocalLogin = true;
$wgPluggableAuth_EnableLocalProperties = false;
$wgPluggableAuth_Class = "PluggableSSO";
wfLoadExtension( 'PluggableAuth' );
wfLoadExtension( 'PluggableSSO' );
but it does not work as effortless as hoped.
So I have set $wgShowDebug = true; in localsettings.php and can see all of the session
data and trace info, but I don't know how to interpret it as well as i'd like.
[Q3] My local login no longer works either. Is this to be expected?
Any advice from the authentication gurus is greatly appreciatedĀ :-)
Thanks in advance,
-Rich