AuthPlugin

From MediaWiki.org

Jump to: navigation, search

Authentication plugin interface.

[edit] Existing authentication plugins

There already exist authentication plugins for many cases like IMAP, LDAP and more. Category:User identity extensions lists these extensions.

[edit] Creating new authentication plugins

If you need to write your own plugin, see the source doc at MediaWiki Source Documentation (see also the latest source code)

Instantiate a subclass of AuthPlugin and set $wgAuth to it to authenticate against some external source.

The default behavior is not to do anything, and use the local user database for all authentication. A subclass can require that all accounts authenticate externally, or use it only as a fallback; also you can transparently create internal wiki accounts the first time someone logs in who can be authenticated externally.

Some notes missing in the source doc:

  • The username is translated by MediaWiki before it is passed to the function: First letter becomes upper case, underscore '_' become spaces ' '.
  • If autoCreate() returns true (MediaWiki should create a local account for the user) updateExternalDB( $user ) is called anyway. I guess this is to allow the plugin to synchronize the user settings with the external database. updateExternalDB must return true to make MediaWiki store the settings in the local account.
  • AuthPlugin->userExists(...) is not called when the user has already been stored in the wiki DataBase.

[edit] External Sessions

In order to check the login status against some external session management scheme, use AutoAuthenticate hook. This can be used to implement a single-signon setup, in addition to simple account sharing.

Languages Languages: 

English  • 日本語
Retrieved from "http://www.mediawiki.org/wiki/AuthPlugin"
Personal tools