MediaWiki/Auth: Difference between revisions

(4 intermediate revisions by one other user not shown)

Line 1:

__NOTOC__

Starting with MediaWiki 1.27, there are new authentication and session management frameworks in core<ref>https://lists.wikimedia.org/pipermail/wikitech-l/2016-May/085725.html</ref><ref>[[mw:Manual:SessionManager and AuthManager]]</ref>

= New School =

If you're running at least [[MediaWiki]] 1.27<ref name="wikireport">Check your version, and more, for free at https://freephile.org/wikireport</ref>, you can take advantage of Cindy Cicalese's [[mw:Extension:PluggableAuth|Extension:PluggableAuth]] and [[mw:Extension:OpenID_Connect|Extension:OpenID_Connect]]. Using these extensions, you can have people login to your wiki using their Google account; and other '''Single Sign-On''' setups.

= Old School =

If you're running an older version<ref name="wikireport"></ref> of [[MediaWiki]] (<1.27) you probably can't run the (unmaintained) [[mw:Extension:OpenID]]. As a workaround, you could switch over to an LDAP based auth. Or, just upgrade already!

Google deprecated it's support for OpenID 2.0 support. They now implement "[[wp:OpenID Connect|OpenID Connect]]" (official site: http://openid.net/connect/) Unfortunately, Evan Prodromou's MediaWiki [[mw:Extension:OpenID|Extension:OpenID]] extension is written for OpenID 2.0 So, to wiki's that used Google as an Identity/Auth provider must now switch to LDAP or other means. Fortunately, there isn't too much work to do if you have an [[LDAP]] server in place.

Line 29:

Line 36:

== Configuration ==

Here's a sample configuration for an Active Directory LDAP server

<~~source~~ lang=php>

$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDomainNames = array('example');

Line 73:

Line 80:

$wgLDAPUseLocal = false;

</~~source~~>

</syntaxhighlight>

[[Category:Wiki]]

@@ Line 1: / Line 1: @@
+__NOTOC__
+Starting with MediaWiki 1.27, there are new authentication and session management frameworks in core<ref>https://lists.wikimedia.org/pipermail/wikitech-l/2016-May/085725.html</ref><ref>[[mw:Manual:SessionManager and AuthManager]]</ref>
+= New School =
+If you're running at least [[MediaWiki]] 1.27<ref name="wikireport">Check your version, and more, for free at https://freephile.org/wikireport</ref>, you can take advantage of Cindy Cicalese's [[mw:Extension:PluggableAuth|Extension:PluggableAuth]] and [[mw:Extension:OpenID_Connect|Extension:OpenID_Connect]].  Using these extensions, you can have people login to your wiki using their Google account; and other '''Single Sign-On''' setups.
+= Old School =
+If you're running an older version<ref name="wikireport"></ref> of [[MediaWiki]] (<1.27) you probably can't run the (unmaintained) [[mw:Extension:OpenID]].  As a workaround, you could switch over to an LDAP based auth.  Or, just upgrade already!
 Google deprecated it's support for OpenID 2.0 support.  They now implement "[[wp:OpenID Connect|OpenID Connect]]" (official site: http://openid.net/connect/)  Unfortunately, Evan Prodromou's MediaWiki [[mw:Extension:OpenID|Extension:OpenID]] extension is written for OpenID 2.0  So, to wiki's that used Google as an Identity/Auth provider must now switch to LDAP or other means.  Fortunately, there isn't too much work to do if you have an [[LDAP]] server in place.
@@ Line 29: / Line 36: @@
 == Configuration ==
 Here's a sample configuration for an Active Directory LDAP server
-<source lang=php>
+<syntaxhighlight lang=php>
 $wgAuth = new LdapAuthenticationPlugin();
 $wgLDAPDomainNames = array('example');
@@ Line 73: / Line 80: @@
 $wgLDAPUseLocal = false;
-</source>
+</syntaxhighlight>
+<headertabs/>
+{{References}}
+[[Category:Wiki]]