Help
Add this page to your book
Show book (0 pages)
Suggest pagesUser:Thompson.matthew/CentralAuth
 |
Note: This documentation has been released into the public domain by its author. If you make changes, ensure you own the rights and are willing to release them into the public domain. If you don't, or aren't willing, do not edit it. |
OK, since it took me ages to set up CentralAuth, I'm making my own guide. I'm going to make it as easy as possible. Please, be bold and improve it, but this is no place for jargon. pros you might want to use the extension's intructions, as this is n00bish.
Contents |
[edit] Step 1, Download and Install web-end
OK, first, we need to plan. How many wikis do you want? I want 3 wikis. I'm creating a metawiki, testwiki and codwiki.
So download mediawiki. 1.19 is fine, i'm using 1.18wmf1. Doesn't matter, but newer is better. Hop on a linux system and open the terminal. go
sudo -s && cd /
then
svn checkout http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/CentralAuth/ CA
That will download the latest development centralauth to your computers main directory. If you're on windows, use tortisesvn or something else. Leave snapshots as a last resort.
OK, so set up your wikis. This is self explanatory. Create your directories. In my case, i'm calling them metawiki, codwiki and testwiki. Set them up. I'm using the database named cod_wiki, test_wiki and meta_wiki. nice, you're on your way.
Finish the install (use the exact same username and password for each wiki). download localsettings, etc. do the same again. it gets annoying, but thats the way it goes.
if you don't use the same un/pw for each wiki, you must grant all privileges on each wiki's database and the centralauth database, to each of the wiki's dbUser identified by each dbPass. (noted in each localsettings.php)
OK, on each of the wikis, create a folder called 'CentralAuth' in the 'Extensions' directory. copy the stuff we got from subversion above, it should be in a folder called CA in your root directory. You can also run the svn co http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/CentralAuth/ command within each of the extensions folders of your separate wikis.
[edit] Step 2. Configure CentralAuth Settings
Now, we need to install the extension to the wiki, and set it up. The setup script needs to be the same in ALL localsettings, or conflicts will ensue. I'm keeping this simple - so here the example code. Copy and pasta, and modify to your needs. i've commented to the side. the important things are to replace the database names with the databases you created, and to change sitename and directory locations. remember, copy this script to the bottom of every wikis localsettings.php.
Notice that your $wgConf configuration is included in this.
[edit] Code
require_once ("$IP/extensions/CentralAuth/CentralAuth.php"); //require the extension, pretty self-explanitory $wgConf = new SiteConfiguration; # Read wiki lists $wgConf->wikis = $wgLocalDatabases; $wgConf->suffixes = array( 'wiki' ); //all databases have suffix wiki $wgConf->suffixes = $wgLocalDatabases; $wgConf->localVHosts = array( 'localhost' ); //your database server. could be example.com or IP address. no http:// $wgConf->fullLoadCallback = 'wmfLoadInitialiseSettings'; $wgConf->siteParamsCallback = 'efGetSiteParams'; $wgConf->extractAllGlobals( $wgDBname ); $wgLocalDatabases = array( 'meta_wiki', 'test_wiki', 'cod_wiki' ); //all wiki databases, as array $wgConf->settings = array( 'wgServer' => array( 'default' => 'http://localhost', //default means applied to all wikis.this might be http://www.example.com, for example. ), 'wgScriptPath' => array( 'meta_wiki' => '/metawiki', //script path, where index.php is located for meta 'test_wiki' => '/testwiki', //test 'cod_wiki' => '/codwiki', //cod ), 'wgArticlePath' => array( 'meta_wiki' => '/meta/$1', //for short urls 'test_wiki' => '/test/$1', 'cod_wiki' => '/cod/$1', ), //the above may confuse some. if you're having problems, keep articlepath the same as scriptpath, with /$1 at the end, k??? 'wgLanguageCode' => array( //dont change, if all wikis are english *BE careful not to alter this line if you use RegEx to replace COD with your wiki name! 'default' => '$lang', ), 'wgLocalInterwiki' => array( 'default' => '$lang', ), ); function efGetSiteParams( $conf, $wiki ) { $site = null; $lang = null; foreach( $conf->suffixes as $suffix ) { if ( substr( $wiki, -strlen( $suffix ) ) == $suffix ) { $site = $suffix; $lang = substr( $wiki, 0, -strlen( $suffix ) ); break; } } return array( 'suffix' => $site, 'lang' => $lang, 'params' => array( 'lang' => $lang, 'site' => $site, 'wiki' => $wiki, ), 'tags' => array(), ); }
Begin by copying into one localsettings, modify, save and copy to the rest. it's not that hard.
[edit] Step 3. Create database centralauth (and configure)
Your wiki won't work yet. we need to set up other stuff. create a new sql database and call it 'CentralAuth'. Run centralauth.sql, its in the CA folder in your root directory if you used the svn command line above. This writes tables, etc.
OK, so now we have centralauth set up. but whos managing it? noone. we need to create our global account, by migrating everyone. choose a wiki, i shall choose meta, and use terminal to chdir into it.
cd /path/to/webroot/yourMWdirectory/extensions/CentralAuth/maintenance
im on mac, so it would be
cd /Library/WebServer/Documents/metawiki/Extensions/CentralAuth/maintenance
Now type
sudo php migratePass0.php
then
sudo php migratePass1.php.
You can run this process from each of your wiki's CentralAuth/Migration directories, but it may be easier to use Special:MergeAccount. So go to your other wikis (COD and TEST in my case) and go special:mergeaccount. nice.
now, back to meta. go to Special:UserRights, and make yourself a steward. now, the problem: steward is a local group, we need to migrate it to global. OK, back to terminal, hopefully you're still where we were before
sudo php migrateStewards.php
You're now a global steward, good for you! What can you do - nothing, yet. Remove your local steward right through special:userrights.
now, use an sql management program, like mysqladmin or terminal, and navigate into centralauth database. head into the global_group_permissions table, and insert:
ggp_group = steward
ggp_permission = globalgrouppermissions
use the describe global_group_permissions command line on the table to make sure the field names are the same.
Linux mysql command line would be:
INSERT INTO global_group_permissions (ggp_group,ggp_permission) VALUES ('steward','globalgrouppermissions'),('steward','globalgroupmembership');
Now you have the authority to manage global groups through Special:GlobalGroupPermissions. edit steward, which you are conveniently already member of, and tick everything you want (for me, everything but bot and mark rollback as bot.) You may need to restart your dbserver and/or webserver for the boxes to get checked. Nice. done. you can create new global groups through Special:GlobalGroupPermissions, and add people to it at Special:GlobalUserRights. Special:CentralAuth lets you lock accounts globally, hide them and unmerge them. I suggest installing global IP blocking, which is self explanatory, another guide may be due soon :P
[edit] Step 4, Configure global login settings
Finally, we need to do one more thing. You're obviously going to want accounts to be merged at creation. You need to go into each one of your wikis, /extensions/CentralAuth and edit centralauth.php.
Change
$wgCentralAuthAutoNew = false;
to
$wgCentralAuthAutoNew = true;
There are a few other wgSettings there you may want to configure, such as auto-login for all wikis. These are explained in the comments in the file, and elsewhere on the net.
[edit] Extra Credit
Also, if you want, you can get rid of the now useless local stewards group, by deleting the following. Wikipedia doesn't - but there is no real reason to keep it.
$wgGroupPermissions['steward']['centralauth-unmerge'] = true; $wgGroupPermissions['steward']['centralauth-lock'] = true; $wgGroupPermissions['steward']['centralauth-oversight'] = true;
If you keep them, its recommended you don't allow 'crats to add people to local steward, Manual:$wgAddGroups.
Have fun. I will try answer queries.
Of course, this documentation is released to public domain. if you're nice, attribute me :P
