CaseWiki talk:External Authentication
For which version of MediaWiki it should work?
I'm using 1.4.9 and no file has HTTP Request class or function...
Contents |
[edit] Regarding Versions
This method works with both 1.4.x and 1.5.x. The HTTP Request class can be found at http://pear.php.net. To install the package, run
pear install HTTP_Request
--Gregory.Szorc 13:02, September 22, 2005 (EDT)
Great page, thanks. But there's a stray right curly brace in the last code snippet on line 27.
[edit] More comments/questions
Hi Gregory. Great job on this page. Thank you so much. :)
For other n00bs such as myself, it might be nice to have further reference on avoiding the traditional login page (changing the destination of the topright 'login' link). Instead of using mod_rewrite as suggested (I couldn't figure it out), I simply edited $BASE/includes/SkinTemplate.php lines 486-488 (in v. 1.5.0). Specifically, the script should contain... $personal_urls['login'] = array('text' => 'Login', 'href' => '/path/to/initial/login');.
Note that things still aren't working all the way yet. My second login script appears to be hanging. I will most likely post a more detailed question come tomorrow.
Regards,
-Matt Bradshaw
Better description of the problem (from Matt the next day)...
It appears that the HTTP_Request() isn't actually making a request?!? At least, according to tcpdump traces. Ideas? I could just duplicate the functionality found in the target link, no?
Thanks again for your help.
[edit] Question around 'importing' LocalSettings.php
I'm using MediaWiki 1.5.0, PHP 5.0 and I keep getting the following error message...
This file is part of MediaWiki and is not a valid entry point
with 'require_once("../LocalSettings.php");'
Can you tell me whether you've came across with this error message?
regards,
J
You need a define('MEDIAWIKI', true); before the include of LocalSettings.php in any MediaWiki script. I have added this to the example script on the article. Sorry for the confusion. --Gregory.Szorc 13:50, November 28, 2005 (EST)
Thanks Gregory, just a reminder for the need to re-initialise the 'include_path' to include PEAR's HTTP Request. I have added 'ini_set( "include_path", "$PHP_DIR/PEAR;" );' to the example script after the line 'require_once("../LocalSettings.php");'. Because '../LocalSettings.php' initialises 'include_path' without PEAR's HTTP Request. Note. $PHP_DIR has to be defined according to user setting.
A good obersvation! I sometimes forget that I have made significant modifications to LocalSettings.php on the Case Wiki and take these modifications for granted. --Gregory.Szorc 12:34, November 29, 2005 (EST)
[edit] Possible Security Issue?
Hi, I'm using this script on my wiki for quite while using PubCookie as the authentication. But as of yesterday, my site was defaced by spammers. They were able to create dummy accounts and then edit pages. I believe there is some cross-site scripting attack that can be used. Any advice on combatting this would be appreciated.
Thanks Mark
- Chances are you did not disable account creations. You can do this by placing the following in LocalSettings.php: $wgGroupPermissions['*']['createaccount'] = false; I highly doubt a cross-site scriping attack is the reason because a spammer would have to jump through hoops to exploit it. You probably just got caught by a regular spam bot that is programmed to take advantage of MediaWiki by directly accessing specific URL's. This wiki has not had a problem with false user creations. I would think that if there were a vulnerability in the code, this wiki would be affected by now. --Gregory.Szorc 19:35, February 3, 2006 (EST)
[edit] Authentication by validating the email address.
Do you know of any extension, hacks or otherwise that allow authentication by validating the email address of the person when they create an account, but preventing access and/or editing previliges until they reply to an email message to validate their email address.
Jamil
Hey Jamil,
did you have to do anything to actually make the email functionality to work in media wiki? I had trouble with includes/UserMailer.php not able to find PEAR's Mail.php until I've looked at my localSettings.php to have ini_set( "include_path", ini_get("include_path").";$IP;$IP/includes;$IP/languages;" ); at the first line... I don't know why it was resetting the include_path rather than appending its local include_path, anyway now it finds the Mail.php... but fails to send email without error message...
any idea? J
[edit] Intercepting Calls to Special:Userlogin
For MicroSoft IIS users, ISAPI_Rewrite offers a lite version that is free and has all the functionality required intercept GET calls to Special:User login. (You don't want to intercept POST calls, or the PEAR HTTP_REQUEST command won't work.) Here is the text to place in the httpd.ini file:
RewriteCond METHOD GET RewriteRule .*Special:Userlogin.* http\://intranet.com/wiki/login/InitLogin.php [I,R,L]
[edit] MediaWiki - WordPress Integration
Hello, Thanks for the great page. I'm trying to make MediaWiki use the WordPress DB to authenticate users and I finally managed to make it work. I still need to create the new unified login form but the login check is finally working!... You should state filenames in the instructions since referrals (Location: url) are not as clear as they can be.
Also, I still get an error on:
$loginTitle = Title::newFromText('Userlogin', NS_SPECIAL);
$loginUrl = $loginTitle->getFullURL('action=submitlogin');
It says class "title" does not exist. I managed to bypass this by hard-coding the $loginUrl, in my case this way:
$loginUrl = '/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login';
-- Mauro, www.iPassion.it
[edit] Link to REMOTE USER page broken
Link to MetaWikiPedia:Auto Login via REMOTE USER is broken, should probably be: http://meta.wikimedia.org/wiki/User:Otheus/Auto_Login_via_REMOTE_USER
Thanks for the great doc page--you might consider posting this on mediawiki.org to make it more accessible to other folks writing Auth modules.
--Maarten.