Extension:LDAP Authentication/Roadmap

From MediaWiki.org

Jump to: navigation, search

About - Requirements - Configuration - Options - Changelog - Roadmap - Suggestions - User provided info - FAQ - Support

       

Manual on MediaWiki Extensions
List of MediaWiki Extensions
Crystal Clear action run.png
LDAP Authentication

Release status: stable
Implementation  User identity
Description Provides LDAP authentication, and some authorization functionality for MediaWiki
Author(s)  Ryan Lane
Last Version  1.2a (2009-05-06)
MediaWiki  1.6+
License GPL
Download

Contents

[edit] Next version

I have a bad memory, and need a to-do list. If I have promised to add something for you in the next version, and it isn't in the list below, please add it.

[edit] v1.2b

  • Allow group syncronization to work with nested groups (in SVN)
  • Add support for exclusion groups in addition to required groups (in SVN)
    • Configured via $wgLDAPExcludedGroups; syntax the same as $wgLDAPRequiredGroups
  • Add support for automatic domain discovery
  • Add an easy AD configuration option
  • Fix check for returns with no entries (in SVN)
  • Add memberOf support (in SVN)
    • There is a minor issue with this support: active directory is somewhat stupid, and it is extremely difficult to find a user's primary group. memberOf doesn't list primary groups, only secondary groups. As such, I'm not going to support primary groups in memberOf. You can ask me to support it, but my answer will be: I'll take a patch. Seriously, I think everyone should go see what you have to do to find a user's primary group; it is ridiculous.
  • Add patch for getting user's primary group [1]
  • Fix problem with usernames containing parenthesis [2]
  • Fix User not loaded from session issue [3]
  • Change behavior of locally managed groups to allow MediaWiki specific groups to be overridden [4]
  • Fix the username-authentication issue once and for all (hopefully without nasty hacks) [5] [6]
  • Fix the issue where local users can't change their passwords [7]
  • Add strictUserAuth support
  • Fix warnings in PHP 5.2.10 [8]

[edit] Possibly in a future version

  • Allow changes to LDAP groups via Special:Userrights
  • Support for choosing default search scope, and defining it for multiple domains.
  • Support for adding users/changing passwords in Active Directory.
  • Support for using LDAP as a complete user backend (including user options and such). Using ldap as a backend will require a custom schema to be loaded in the LDAP server.

[edit] References

  1. Extension:LDAP Authentication/User Provided Information#Active Directory Primary Group Patch
  2. Extension talk:LDAP Authentication#Usernames containing parenthesis
  3. Extension talk:LDAP Authentication#User not loaded from_session in MW 1.14
  4. Extension talk:LDAP Authentication#Remove Sysop, Bureaucrat, Bot from locally managed groups
  5. Extension talk:LDAP_Authentication#Can't set user rights because of lower case conversion issue
  6. Extension talk:LDAP Authentication#Problems authenticating usernames with underscore character(s)
  7. Extension_talk:LDAP_Authentication#Can_local_users_change_their_passwords.3F
  8. Extension_talk:LDAP_Authentication#PHP_5.2.10_warnings
Retrieved from "http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Roadmap"