Authentication framework

From Freephile Wiki
Revision as of 13:25, 12 June 2018 by Freephile (talk | contribs)
Jump to navigation Jump to search

In REL1_27[1] MediaWiki gained a complete rewrite of it's authentication and authorization system. SessionManager and AuthManager classes were introduced to MediaWiki to replace the "there can only be one!" nature of AuthPlugin [2]. Thanks to Cindy Cicalese and others, the Pluggable Auth framework was also completely rewritten to be compatible with the changes introduced. It provides the ability to layer in a variety of authentication systems. For example, RedHat develops the FreeIPA system which provides Identity, Policy and Trusts. FreeIPA is an Open Source [3] Identity Management Solution that [4]

provides unified installation and management tools for the following components:

In turn, the FreeIPA wiki website [5] is integrated with the Fedora Central Login via MediaWiki's Pluggable Auth and OpenID Connect [6]

  1. https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/243223/58/RELEASE-NOTES-1.27
  2. https://www.mediawiki.org/wiki/Manual:SessionManager_and_AuthManager
  3. note that much of the code is GPL licensed, however since there are multiple components, each has it's own license. See the license page for FreeIPA.
  4. quote from the code hosting site (Pagure) for FreeIPA: https://pagure.io/freeipa
  5. uses an interesting skin called strapping-mediawiki. Code is hosted at https://github.com/OSAS/strapping-mediawiki as part of the "Open Source And Standards" group. Seems undermaintained with several pull requests and issues. MediaWiki was interested in distributing it back when MAH was release manager.
  6. The Special:Version page of the wiki shows what's installed: https://www.freeipa.org/page/Special:Version