I recently set up a large collection of web apps with an ldap directory backend - included in this was phpBB and MediaWiki. However, I didn't get the single sign-on bit of it working, neither was it one of my original targets.
2009/4/16 Paul C Lustgarten <[email protected]> > > On Apr 15, 2009, at 7:15 PM, Platonides wrote: > > > Schiz0 wrote: > >> Hey, > >> > >> I run a members-only forum. I'm in the process of adding a Wiki to > >> the > >> site, and I'd like to restrict the wiki to only members logged into > >> the forum. Would there be any problems to adding session_start() to > >> the top of the wiki's index.php (as well as some checks to validate > >> the session cookie from the forum)? > >> > >> What would be the best way to restrict this? I don't want non-members > >> to be able to view, edit, or register an account on the wiki at all, > >> so I don't see how I would be able to do this using the Wiki > >> settings. > >> > >> Thanks for all suggestions. > > > > Use an Auth plugin to get the credentials from the forum. Then > > restrict > > view and edits to the user group. > > Sounds to me like you'll need to create that Auth plugin on your own, > vs. being able to find an existing one that would fit your needs. I > just > did a related round of work linking my wiki into our corporate > authentication > & single-signon service, from which I would suggest you look in > particular > at the UserLoadFromSession hook and the associated talk page. > > One aspect that you'll need to think about, if you haven't already, is > whether your members will have an actual wiki account. I decided > that my users would (and recommend the same for you), so all the > normal wiki preference settings & such work & are retained as > expected, but I made the account creation totally automatic and > mostly invisible to them - it simply happens on their first visit. > (I've left some notes on this point at the talk page ref'd above.) > > And then I use the wiki's own session structure, as well, with a > relatively short time out (hours, not days), so the interaction with > the external auth service (or even their cookies) only occurs on > their first visit in a given span of time, after which it continues > the same as if they had signed in through the wiki's native login > process. (And non-logged in visitors aren't allowed - use the > regular wiki access controls for that.) > > HTH, > Paul > > _______________________________________________ > MediaWiki-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > -- Regards, Simon Walker User:Stwalkerster on all public Wikimedia Foundation wikis Administrator on the English Wikipedia Developer of Helpmebot and the ACC tool _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
