[Mediawiki-l] Intranet Single Signon

Sechan, Gabe sechan at amazon.com
Thu Nov 17 23:40:33 UTC 2005 

I just did something very similar for my company.  Here's my circumstances, and how I did it.  Hope it helps.

I have a situation where the user name is known by apache before I log on.  I can get the user name from Apache.  This means something that may be unique to my situation-  when the user gets to my page, he is already logged in.

Logins are all handled by the User::loadFromSession function.  It returns a user object, or a blank user if not logged in.  My solution was simple-  anytime it returned a new User();, I had it instead return the results of a new function-  loadFromOutside()

loadFromOutside takes the user name, and goes

$user=User::newFromName($name) 
If(0==$user->getID){
  $user->addToDatabase();
  $user->setPassword($pass);
  $user->setEmail($email);
  $user->setReadName($name);
  $user->setOption('rememberPassword',1);
Else{
  $user->loadFromDatabase();
}
$user->setCookies();
$user->saveSettings();
Return $user;

What this does is try and load the user from the DB.  If it can't, it creates a new user.  This code *is* working.  The only think you need to do is fill in $name, $pass, and $email.  If you don't get a password from the server, randomizing one is fine-  they never need it.

Gabe

-----Original Message-----
From: mediawiki-l-bounces at Wikimedia.org [mailto:mediawiki-l-bounces at Wikimedia.org] On Behalf Of Chris McIntosh
Sent: Wednesday, November 16, 2005 10:09 AM
To: mediawiki-l at Wikimedia.org
Subject: [Mediawiki-l] Intranet Single Signon

I am modifying the source code to allow our internal Intranet users to automatically log in to the wiki based on their username applied by apache.
I do this by using mod_ntlm to get their NTLM credentials and then want to seemlessly log them in.

The problem I am having is setting up the user variable (wgUser) properly. I have tried the following.

For now I have it near the bottom of Setup.php just to test around line 300.


if ( $wgUseRemoteUser)
{
if ($userid = $wgUser->idFromName($wgIP)) { $wgUser->setId($userid); $wgUser->loadFromDatabase(); } else { $wgUser = $wgUser->newFromName($wgIP); $wgUser->setId($wgUser->getMaxId());
$wgUser->addToDatabase();
}
$wgUser->setToken() ;
$wgUser->setCookies();
}

The problem with this approach is I can't change any preferences for this user. Everything else seems fine but if I try and change a setting like Underline links, the preference page won't save. I have tracked that down to the edit token not being set properly, but I am not sure how to set it. If I remove the check in SpecialPreferences where it calls matchEditToken then everything works fine.

Any advice?

Thanks
Chris McIntosh
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l at Wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l

More information about the MediaWiki-l mailing list