Authentication framework

From Freephile Wiki

Starting with efforts at least as early as 2013 in the AuthManager RfC, MediaWiki gained a complete rewrite of its authentication and authorization system in June 2016 with the LTS stable release of REL1_27[1][2] SessionManager and AuthManager classes were introduced to MediaWiki to replace the "there can only be one!" nature of AuthPlugin [3]. Thanks to Cindy Cicalese and others, the Pluggable Auth framework was also completely rewritten to be compatible with the changes introduced. It provides the ability to layer in a variety of authentication systems. For example, RedHat develops the FreeIPA system which provides Identity, Policy and Trusts. FreeIPA is an Open Source [4] Identity Management Solution that [5]

provides unified installation and management tools for the following components:

In turn, the FreeIPA wiki website [6] is integrated with the Fedora Account System (FAS) [7] via MediaWiki's Pluggable Auth and OpenID Connect [8]

References[edit source]

  1. https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/243223/58/RELEASE-NOTES-1.27
  2. https://www.mediawiki.org/wiki/MediaWiki_1.27
  3. https://www.mediawiki.org/wiki/Manual:SessionManager_and_AuthManager
  4. note that much of the code is GPL licensed, however since there are multiple components, each has it's own license. See the license page for FreeIPA.
  5. quote from the code hosting site (Pagure) for FreeIPA: https://pagure.io/freeipa
  6. uses an interesting skin called strapping-mediawiki. Code is hosted at https://github.com/OSAS/strapping-mediawiki as part of the "Open Source And Standards" group. Seems undermaintained with several pull requests and issues. MediaWiki was interested in distributing it back when MAH was release manager.
  7. https://fedoraproject.org/wiki/Account_System
  8. The Special:Version page of the wiki shows what's installed: https://www.freeipa.org/page/Special:Version