hi,
I have read both of the link:
http://blogs.sun.com/superpat/entry/opensso_single_sign_on_extension
http://www.mediawiki.org/wiki/Extension:CASAuthentication
But unfortunately, I havnt found the code you said... It seems like these extensions are
use hook to implentment user authencation? In my own myapi.php, how can a hook work?
The code below is a breif overview of the myapi.php:
<?php
$data = $_POST['data'];
// call a function to decode the data with a secret key. The result is in $get
$action = $get['action'];
if($action == 'login'){
$uid = $get['uid'];
// I must do something here to make mediawiki login.
echo 1;
}
elseif($action == 'logout'){
//I must do something here to make mediawiki logout.
echo 1;
}
else{
echo 0;
}
?>
When user is logged in other application, the central auth system would access this
myapi.php with data.
Thx!!
------------------
Bear
2010-08-12
-------------------------------------------------------------
From:Lane, Ryan
Send Date:2010-08-12 22:48:05
To:Wikimedia developers
CC:
Subject:Re: [Wikitech-l] How to login a user without password?
X-Uidl:
GmailId12a66c5ad00f6f23&&pop.gmail.com
Delivered-To: jilingshu(a)gmail.com
Received: by 10.150.43.19 with SMTP id q19cs108796ybq;
Thu, 12 Aug 2010 07:48:05 -0700 (PDT)
Received: by 10.213.104.211 with SMTP id q19mr353520ebo.45.1281624485062;
Thu, 12 Aug 2010 07:48:05 -0700 (PDT)
Return-Path: <wikitech-l-bounces(a)lists.wikimedia.org>
Received: from
lists.wikimedia.org (
lists.wikimedia.org [91.198.174.5])
by
mx.google.com with ESMTP id b4si3903961eei.56.2010.08.12.07.48.04;
Thu, 12 Aug 2010 07:48:05 -0700 (PDT)
Received-SPF: pass (
google.com: best guess record for domain of
wikitech-l-bounces(a)lists.wikimedia.org designates 91.198.174.5 as permitted sender)
client-ip=91.198.174.5;
Authentication-Results:
mx.google.com; spf=pass (
google.com: best guess record for domain
of wikitech-l-bounces(a)lists.wikimedia.org designates 91.198.174.5 as permitted sender)
smtp.mail=wikitech-l-bounces(a)lists.wikimedia.org
Received: from localhost ([127.0.0.1]:33140
helo=lily.esams.wikimedia.org)
by
lily.knams.wikimedia.org with esmtp (Exim 4.69)
(envelope-from <wikitech-l-bounces(a)lists.wikimedia.org>)
id 1OjZ4X-0005WX-MA; Thu, 12 Aug 2010 14:47:57 +0000
Received: from
navofw.navo.navy.mil ([128.160.199.100]:59490
helo=ocean2.ocean.navo.navy.mil)
by
lily.knams.wikimedia.org with esmtp (Exim 4.69)
(envelope-from <Ryan.Lane(a)ocean.navo.navy.mil>) id 1OjZ4T-0005Vg-5P
for wikitech-l(a)lists.wikimedia.org; Thu, 12 Aug 2010 14:47:53 +0000
Received: from
Ocean2.ocean.navo.navy.mil ([2002:80a0:a553::80a0:a553]) by
Ocean2.ocean.navo.navy.mil ([2002:80a0:a553::80a0:a553]) with mapi;
Thu, 12 Aug 2010 09:47:52 -0500
From: "Lane, Ryan" <Ryan.Lane(a)ocean.navo.navy.mil>
To: Wikimedia developers <wikitech-l(a)lists.wikimedia.org>
Thread-Topic: [Wikitech-l] How to login a user without password?
Thread-Index: AQHLObie6u3yp2mSrUKST4Z+Ta89aZLd5PgcgAABKCA=
Date: Thu, 12 Aug 2010 14:47:51 +0000
Message-ID: <7FF208A2F1E6004D8F7BDC10A103C34A35C535(a)Ocean2.ocean.navo.navy.mil>
References: <201008120850417622420(a)Gmail.com>om>,
<201008121837568563457(a)Gmail.com> <201008122237582572914(a)Gmail.com>
In-Reply-To: <201008122237582572914(a)Gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
MIME-Version: 1.0
X-Content-Filtered-By: Mailman/MimeDel 2.1.9
Subject: Re: [Wikitech-l] How to login a user without password?
X-BeenThere: wikitech-l(a)lists.wikimedia.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Wikimedia developers <wikitech-l(a)lists.wikimedia.org>
List-Id: Wikimedia developers <wikitech-l.lists.wikimedia.org>
List-Unsubscribe: <https://lists.wikimedia.org/mailman/listinfo/wikitech-l>,
<mailto:wikitech-l-request@lists.wikimedia.org?subject=unsubscribe>
List-Archive: <http://lists.wikimedia.org/pipermail/wikitech-l>
List-Post: <mailto:wikitech-l@lists.wikimedia.org>
List-Help: <mailto:wikitech-l-request@lists.wikimedia.org?subject=help>
List-Subscribe: <https://lists.wikimedia.org/mailman/listinfo/wikitech-l>,
<mailto:wikitech-l-request@lists.wikimedia.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============8180891937508425267=="
Mime-version: 1.0
Sender: wikitech-l-bounces(a)lists.wikimedia.org
Errors-To: wikitech-l-bounces(a)lists.wikimedia.org
--===============8180891937508425267==
Content-Language: en-US
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg=SHA1; boundary="----=_NextPart_000_007D_01CB3A03.69598B20"
------=_NextPart_000_007D_01CB3A03.69598B20
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
I am very very thankful you can supply me such rich
information. I have read them carefully and found they are
not comfort my situation. The Central Auth System I use is
not developed by me. So I must do my project in its framework.
When one user login in a application such like a forum, the
forum would ask the central auth system if the username and
password which supplied by user is match. When this is okay,
it would call a function which provided by this central auth
system. This function will access the myapi.php in each
applications which configured with this central auth system
and pass User_ID by POST. So I have to write a myapi.php for
mediawiki to create a session with the uid it supplied.
I am not good at English and I hope you can understand my meanning.
thx!
Ok. I understand the requirement now. Note that the last extension I linked
to has code that creates a session for a user. You can use it as an example.
It also has an example of creating a user in the database, which you'll need
to do as well.
Note that this sounds like a really insecure system if done improperly. I
hope the central auth server has some way of authenticating that POST
request, or anyone would be able to grant themselves a session.
V/r,
Ryan Lane
------=_NextPart_000_007D_01CB3A03.69598B20--
--===============8180891937508425267==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
--===============8180891937508425267==--