I have read both of the link:
http://blogs.sun.com/superpat/entry/opensso_single_sign_on_extension
http://www.mediawiki.org/wiki/Extension:CASAuthentication
But unfortunately, I havnt found the code you said... It
seems like these extensions are use hook to implentment user
authencation? In my own myapi.php, how can a hook work?
The code below is a breif overview of the myapi.php:
<?php
$data = $_POST['data'];
// call a function to decode the data with a secret key. The
result is in $get
$action = $get['action'];
if($action == 'login'){
$uid = $get['uid'];
// I must do something here to make mediawiki login.
echo 1;
}
elseif($action == 'logout'){
//I must do something here to make mediawiki logout.
echo 1;
}
else{
echo 0;
}
?>
When user is logged in other application, the central auth
system would access this myapi.php with data.
I'd use the webserver to alias "/myapi.php" to
"/index.php?title=Special:Userlogin"; then use the above methods. The
central authentication system will still think it is hitting "/myapi.php",
but will instead send its data to your extension. Since your extension is
going through index.php, the hooks will be called, and the globals needed
will exist.
Respectfully,
Ryan Lane