Jump to content

Extension talk:Auth remoteuser

About this board

Previous discussion was archived at Extension talk:Auth remoteuser/Archive on 16 June 2020.

Start a new topic
You are not logged in. To receive attribution with your name instead of your IP address, you can log in or create an account.

Also had infinite loop with MediaWiki 1.42.1

One comment • 19:21, 27 August 2024 24 days ago
1
Cfschulte 314 (talkcontribs)

As suggested below, commenting out the if() {} block in UserNameSessionProvider, line 509 made it work again. I'm pasting the XDebug output below:


from /var/www/html/physics/includes/libs/rdbms/database/domain/DatabaseDomain.php(58)

#0 /var/www/html/physics/includes/libs/rdbms/database/domain/DatabaseDomain.php(58): is_string()

#1 /var/www/html/physics/includes/libs/rdbms/database/domain/DatabaseDomain.php(113): Wikimedia\Rdbms\DatabaseDomain->__construct()

#2 /var/www/html/physics/includes/libs/rdbms/database/DBConnRef.php(72): Wikimedia\Rdbms\DatabaseDomain::newFromId()

#3 /var/www/html/physics/includes/libs/rdbms/loadbalancer/LoadBalancer.php(839): Wikimedia\Rdbms\DBConnRef->__construct()

#4 /var/www/html/physics/includes/libs/rdbms/loadbalancer/LoadBalancer.php(755): Wikimedia\Rdbms\LoadBalancer->getConnectionRef()

#5 /var/www/html/physics/includes/libs/rdbms/lbfactory/LBFactory.php(562): Wikimedia\Rdbms\LoadBalancer->getConnection()

#6 /var/www/html/physics/includes/libs/rdbms/lbfactory/LBFactory.php(526): Wikimedia\Rdbms\LBFactory->getMappedDatabase()

#7 /var/www/html/physics/includes/libs/rdbms/DBAccessObjectUtils.php(97): Wikimedia\Rdbms\LBFactory->getPrimaryDatabase()

#8 /var/www/html/physics/includes/user/User.php(400): DBAccessObjectUtils::getDBFromRecency()

#9 /var/www/html/physics/includes/user/User.php(1575): MediaWiki\User\User->load()

#10 /var/www/html/physics/includes/user/User.php(2235): MediaWiki\User\User->getId()

#11 /var/www/html/physics/includes/user/User.php(2243): MediaWiki\User\User->isRegistered()

#12 /var/www/html/physics/includes/session/UserInfo.php(62): MediaWiki\User\User->isAnon()

#13 /var/www/html/physics/includes/session/UserInfo.php(114): MediaWiki\Session\UserInfo->__construct()

#14 /var/www/html/physics/extensions/Auth_remoteuser/src/UserNameSessionProvider.php(322): MediaWiki\Session\UserInfo::newFromName()

#15 /var/www/html/physics/includes/session/SessionManager.php(539): MediaWiki\Extension\Auth_remoteuser\UserNameSessionProvider->provideSessionInfo()

#16 /var/www/html/physics/includes/session/SessionManager.php(245): MediaWiki\Session\SessionManager->getSessionInfoForRequest()

#17 /var/www/html/physics/includes/Request/WebRequest.php(870): MediaWiki\Session\SessionManager->getSessionForRequest()

#18 /var/www/html/physics/includes/Permissions/PermissionManager.php(1594): MediaWiki\Request\WebRequest->getSession()

#19 /var/www/html/physics/includes/Permissions/PermissionManager.php(1536): MediaWiki\Permissions\PermissionManager->getUserPermissions()

#20 /var/www/html/physics/includes/Permissions/UserAuthority.php(285): MediaWiki\Permissions\PermissionManager->userHasRight()

#21 /var/www/html/physics/includes/Permissions/UserAuthority.php(144): MediaWiki\Permissions\UserAuthority->internalAllowed()

#22 /var/www/html/physics/includes/user/User.php(2292): MediaWiki\Permissions\UserAuthority->isAllowed()

#23 /var/www/html/physics/extensions/Auth_remoteuser/src/UserNameSessionProvider.php(509): MediaWiki\User\User->isAllowed()

#24 /var/www/html/physics/includes/session/SessionManager.php(867): MediaWiki\Extension\Auth_remoteuser\UserNameSessionProvider->refreshSessionInfo()

#25 /var/www/html/physics/includes/session/SessionManager.php(558): MediaWiki\Session\SessionManager->loadSessionInfoFromStore()

#26 /var/www/html/physics/includes/session/SessionManager.php(245): MediaWiki\Session\SessionManager->getSessionInfoForRequest()

#27 /var/www/html/physics/includes/Request/WebRequest.php(870): MediaWiki\Session\SessionManager->getSessionForRequest()

#28 /var/www/html/physics/includes/Permissions/PermissionManager.php(1594): MediaWiki\Request\WebRequest->getSession()

#29 /var/www/html/physics/includes/Permissions/PermissionManager.php(1536): MediaWiki\Permissions\PermissionManager->getUserPermissions()

#30 /var/www/html/physics/includes/Permissions/UserAuthority.php(285): MediaWiki\Permissions\PermissionManager->userHasRight()

#31 /var/www/html/physics/includes/Permissions/UserAuthority.php(144): MediaWiki\Permissions\UserAuthority->internalAllowed()

#32 /var/www/html/physics/includes/user/User.php(2292): MediaWiki\Permissions\UserAuthority->isAllowed()

#33 /var/www/html/physics/extensions/Auth_remoteuser/src/UserNameSessionProvider.php(509): MediaWiki\User\User->isAllowed()

Reply 19:21, 27 August 2024 24 days ago
Reply to "Also had infinite loop with MediaWiki 1.42.1"

Infinite Loop encounterd

4 comments • 05:31, 23 August 2024 28 days ago
4
Inlimity (talkcontribs)

Currently this extension did cause an infinite loop for me, causing the entire wiki to not allow any login:


[...]

#493 /usr/share/webapps/mediawiki/extensions/Auth_remoteuser/src/UserNameSessionProvider.php(509): MediaWiki\User\User->isAllowed(string)

#494 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(867): MediaWiki\Extension\Auth_remoteuser\UserNameSessionProvider->refreshSessionInfo(MediaWiki\Session\SessionInfo, MediaWiki\Request\WebRequest, array)

#495 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(558): MediaWiki\Session\SessionManager->loadSessionInfoFromStore(MediaWiki\Session\SessionInfo, MediaWiki\Request\WebRequest)

#496 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(245): MediaWiki\Session\SessionManager->getSessionInfoForRequest(MediaWiki\Request\WebRequest)

#497 /usr/share/webapps/mediawiki/includes/Request/WebRequest.php(870): MediaWiki\Session\SessionManager->getSessionForRequest(MediaWiki\Request\WebRequest)

#498 /usr/share/webapps/mediawiki/includes/Permissions/PermissionManager.php(1594): MediaWiki\Request\WebRequest->getSession()

#499 /usr/share/webapps/mediawiki/includes/Permissions/PermissionManager.php(1536): MediaWiki\Permissions\PermissionManager->getUserPermissions(MediaWiki\User\User)

#500 /usr/share/webapps/mediawiki/includes/Permissions/UserAuthority.php(285): MediaWiki\Permissions\PermissionManager->userHasRight(MediaWiki\User\User, string)

#501 /usr/share/webapps/mediawiki/includes/Permissions/UserAuthority.php(144): MediaWiki\Permissions\UserAuthority->internalAllowed(string, NULL, boolean, NULL)

#502 /usr/share/webapps/mediawiki/includes/user/User.php(2292): MediaWiki\Permissions\UserAuthority->isAllowed(string, NULL)

#503 /usr/share/webapps/mediawiki/extensions/Auth_remoteuser/src/UserNameSessionProvider.php(509): MediaWiki\User\User->isAllowed(string)

#504 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(867): MediaWiki\Extension\Auth_remoteuser\UserNameSessionProvider->refreshSessionInfo(MediaWiki\Session\SessionInfo, MediaWiki\Request\WebRequest, array)

#505 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(558): MediaWiki\Session\SessionManager->loadSessionInfoFromStore(MediaWiki\Session\SessionInfo, MediaWiki\Request\WebRequest)

#506 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(245): MediaWiki\Session\SessionManager->getSessionInfoForRequest(MediaWiki\Request\WebRequest)

#507 /usr/share/webapps/mediawiki/includes/Request/WebRequest.php(870): MediaWiki\Session\SessionManager->getSessionForRequest(MediaWiki\Request\WebRequest)

#508 /usr/share/webapps/mediawiki/includes/session/SessionManager.php(166): MediaWiki\Request\WebRequest->getSession()

#509 /usr/share/webapps/mediawiki/includes/Setup.php(487): MediaWiki\Session\SessionManager::getGlobalSession()

#510 /usr/share/webapps/mediawiki/includes/WebStart.php(85): require_once(string)

#511 /usr/share/webapps/mediawiki/index.php(50): require(string)

#512 {main}


Somewho the call to $user->isAllowed( 'createaccount' ) in line 509 of UserNameSessionProvider.php causes an infinite loop. I have

$wgGroupPermissions['*']['autocreateaccount'] = true;

$wgGroupPermissions['*']['createaccount'] = false;

in my LocalSettings.php


I just replacing line 509 in that file with if (true), the wiki does somewhat work again. However, I'm not sure what happens with new users.

Reply 08:11, 11 July 2024 2 months ago
193.54.89.80 (talkcontribs)

Dear devs,

I have exactly the same problem with the same settings

Thank you for your help.

Reply 09:41, 21 August 2024 30 days ago
184.68.205.162 (talkcontribs)

Hello, I can confirm I'm encountering the exact same infinite loop.

MEdiaWiki 1.42, Auth_RemoteUser git version 2.1.0-94-g4878ba4 .

The REMOTE_USER is passed from nginx correctly to php-fpm ( debug-printing $_SERVER["REMOTE_USER"] from LocalSettings.php prints the correct email ) .

Enabling logging, this message repeats:


```

[session] Setting up auto login session for remote user name 'me@example.com' (mapped to MediaWiki user 'Me@example.com', currently active as MediaWiki user 'Me@example.com').

[rdbms] Wikimedia\Rdbms\LoadBalancer::reuseOrOpenConnectionForNewRef: reusing connection for 0/my_wiki

[rdbms] MediaWiki\User\User::load [0.126ms] localhost: SELECT  actor_id,actor_user,actor_name  FROM `actor`    WHERE actor

_name = 'Me@example.com'  LIMIT 1

```

Not sure if it matters, but the REMOTE_USER contains lower case email, and is mapped to Upper case first letter for the SQL .

Reply 02:52, 23 August 2024 28 days ago
174.0.239.6 (talkcontribs)

Follow-up to my previous comment:

  1. Removing the "if()" in UserNameSessionProvider.php:509 was needed but not sufficient (thanks to the user above who suggested it).
  2. The username (set by NGINX in HTTP_REMOTE_USER) needs to *already exist* in the "actor" table for this to work for me - it is not created automatically by Auth_RemoteUser despite both settings "createaccount" and "autocreateaccoutn" being true. Perhaps there's some missing option that's required but not documented ?
Reply 05:31, 23 August 2024 28 days ago
Reply to "Infinite Loop encounterd"

Auth_remoteuser does not work with mediawiki 1.42.1

2 comments • 07:11, 6 July 2024 2 months ago
2
87.19.93.231 (talkcontribs)

I think the cause is the mediawiki 1.42.1 wants a composer2 meanwhile the extension is built with composer1.

Is there anybody out there that knows how to procede ?

Reply 17:11, 28 June 2024 2 months ago
80.181.194.199 (talkcontribs)

I solved the problem replacing Auth_remoteuser with the following couple of extensions PluggableAuth and AuthRemoteUser:

In LocalSettings.php:

wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'AuthRemoteUser' );

$wgPluggableAuth_EnableAutoLogin = true;

Reply 07:11, 6 July 2024 2 months ago
Reply to "Auth_remoteuser does not work with mediawiki 1.42.1"

Visual editor plugin is is not able to detect user is already logged in

One comment • 01:08, 15 June 2024 3 months ago
1
Nishwikiuser (talkcontribs)

When using Auth remoteuser plugin to automatically login i have used this command

wgAuthRemoteuserUserName = $_SERVER['HTTP_X_AMZN_OIDC_IDENTITY']

and i see that once my sso authentication is complet and i navigate to wiki my user name is reflected on top right corner.

But when i click on edit option to the Visaual editor complains

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

Reply 01:08, 15 June 2024 3 months ago
Reply to "Visual editor plugin is is not able to detect user is already logged in"

constant warnings

8 comments • 19:22, 6 May 2024 4 months ago
8
206.108.31.36 (talkcontribs)

looks like the new MediaWiki is throwing warning in the PHP errors log every page load


PHP Deprecated:  Use of PersonalUrls hook (used in hook-PersonalUrls-closure) was deprecated in MediaWiki 1.39. [Called from MediaWiki\HookContainer\HookContainer::run in C:\inetpub\wwwroot\wiki\includes\HookContainer\HookContainer.php at line 137] in C:\inetpub\wwwroot\wiki\includes\debug\MWDebug.php on line 381

Reply 01:20, 22 October 2022 1 year ago
Ciencia Al Poder (talkcontribs)

You should disable php deprecation notices on production websites. Otherwise, this may need to be a bugreport.

Reply 08:39, 22 October 2022 1 year ago
Huwmanbeing (talkcontribs)

Hmm, I'm getting this exact warning too, but not a problem once I turned off the notices.

Reply Edited 00:42, 3 December 2022 1 year ago
204.126.253.10 (talkcontribs)

MW 1.39: Continuous Deprecation notices on Auth_remoteuser.

When Auth_remoteuser extension is active, the following depreciation notices will appear:


Deprecated: Use of PersonalUrls hook was deprecated in MediaWiki 1.39. [Called from Hooks::register in /var/www/html/includes/Hooks.php at line 55] in /var/www/html/includes/debug/MWDebug.php on line 381

Deprecated: Hook PersonalUrls was deprecated in MediaWiki 1.39 but is registered in /var/www/html/extensions/PluggableAuth/extension.json in /var/www/html/includes/debug/MWDebug.php on line 381

Deprecated: Use of PersonalUrls hook (used in hook-PersonalUrls-closure) was deprecated in MediaWiki 1.39. [Called from MediaWiki\HookContainer\HookContainer::run in /var/www/html/includes/HookContainer/HookContainer.php at line 137] in /var/www/html/includes/debug/MWDebug.php on line 381


This is regardless of debugging statements specified in LocalSettings. All extensions are at the 1.39 release. Auth_remoteuser, LDAPAuthentication2, LDAPGroups, LDAPUserInfo, PluggableAuth.

Reply 17:03, 5 December 2022 1 year ago
Grandeescanciano (talkcontribs)

I have the same problem, any solution provided?

Also, somehow if Auth_remoteuser always trying to create a new user even though the User provided by $_SERVER[REMOTE_USER] exists.

Reply 10:19, 5 April 2023 1 year ago
91.192.31.192 (talkcontribs)

MediaWiki User

I have the same problem i version 1.38.4 is there any new solution for this problem?

Reply 13:22, 18 April 2023 1 year ago
Ciencia Al Poder (talkcontribs)

Read comment #1

Reply 17:49, 18 April 2023 1 year ago
Opoplawski (talkcontribs)
Reply 19:22, 6 May 2024 4 months ago
Reply to "constant warnings"

Manage user groups

2 comments • 17:05, 8 February 2024 7 months ago
2
188.28.224.232 (talkcontribs)

I currently have to manually edit the user groups for when someone is given a certain status on our wiki via auth (from database, the wiki gets username and user "roles")

Dependant on a user's "roles", I'd like it to I can give a certain group based on it, e.g. if user has the "admin" role in the database, it gives an "admin" group in the wiki

Reply 16:46, 11 August 2023 1 year ago
Opoplawski (talkcontribs)

I would like to be able to do this as well, perhaps just based on email address.

Reply 17:05, 8 February 2024 7 months ago
Reply to "Manage user groups"

Automatic login not working in MW 1.39.4

One comment • 14:23, 16 October 2023 11 months ago
1
Testergt1302 (talkcontribs)

Hi,

I am looking for a configuration, which can be used to auto-login into wiki with LDAP.

I have a working config of Ldapauthentication2 extension. But it will login only if I provide username&password.

I want to have auto-login enabled in the wiki. is it possible through Auth_remoteuser ?

tried to enable Auth_remoteuser, then I get below error in ldapauthorization log.

##

wiki139test: MediaWiki\Extension\LDAPAuthorization\Hook\AuthRemoteuserFilterUserName: Check authorization for user 'tester'.

wiki139test: Could not check login requirements for tester

wiki139test: Unsupported format!

##

Apart from this, no other logs found. is there any other settings need to be added in my config ?


Software Versions:

MediaWiki 1.39.4

PHP 8.0.25 (apache2handler)

MySQL 8.0.26

PluggableAuth 7.0.0 (1cbf448) 05:33, 29 August 2023

LDAPAuthentication2 2.0.2 (b83f5d1) 07:23, 4 September 2023

LDAPAuthorization 2.0.1 (fbb1c3b) 07:23, 4 September 2023

LDAPProvider 2.0.1 (cc5cb2c) 14:06, 19 September 2023

Auth_remoteuser 2.1.1 (b9c4b86) 05:44, 1 August 2023

Reply 14:23, 16 October 2023 11 months ago
Reply to "Automatic login not working in MW 1.39.4"

Compatibility with API.php

2 comments • 02:57, 11 August 2023 1 year ago
2
NickAU83 (talkcontribs)

This extension works perfectly and does exactly what I need it to do - however I also have a need to use the api to get a token and log in remotely to provide an interface between our central management console and the wiki to create/enable/disable user accounts. I have created a bot account for doing this however when i get to the api log in the response I get is: "Cannot log in when using MediaWiki\Extension\Auth_remoteuser\AuthRemoteuserSessionProvider sessions." Is there a way to stil use api bot access whilst using this extension? My other avenue is to try and use odbc and directly do account management in the database - which I wanted to avoid.

Reply 09:49, 10 August 2023 1 year ago
NickAU83 (talkcontribs)

I was able to get this working using a read-only database account to directly query the user table to check if a user exists and then the createAndPromote.php and blockUsers.php maintenance scripts to build an interface function that integrates into our CMC which has the desired effects.

Reply 02:57, 11 August 2023 1 year ago
Reply to "Compatibility with API.php"

Auto Login vi RemoteuserUserName not working

One comment • 22:25, 9 June 2023 1 year ago
1
107.185.133.87 (talkcontribs)

I'm using Google to authenticate users and setting

$wgAuthRemoteuserUserName

appropriately. However, the user is not automatically logged in and an account is not created.

I tracked it down to an issue in includes/session/SessionManager.php where it loads a blank session instead of one based on the request.

In the getSessionById() function, I replace the call

$session = $this->getEmptySessionInternal( $request, $id );

with

$session = self::singleton()->getSessionForRequest( $request );

and everything works beautifully.

Can someone with better knowledge of MediaWiki than me take a look and see if this should be filed as a bug against MediaWiki? or is it an improper solve, and I should be looking to adjust Auth_remoteuser in some way?

I'm using Mediawiki 1.38.4 and Auth_remoteuser REL1_38


Thanks in advance

Reply 22:25, 9 June 2023 1 year ago
Reply to "Auto Login vi RemoteuserUserName not working"

New version release that is compatible to MediaWiki 1.39

One comment • 06:50, 10 May 2023 1 year ago
1
Osnard (talkcontribs)

The latest "released" version 2.1.1 is not yet compatible to MediaWiki 1.39. One needs either to use REL1_39 or master branch. Using master may be dangerous with future updates.

Unfortunately the extension description does not state an official "Compatibility policy".

Could the maintainer of this extension maybe update the "Compatibility policy" and/or release a version 3.0.0 that is compatible to MediaWiki 1.39?

Thanks in advance!

Reply 06:50, 10 May 2023 1 year ago
Reply to "New version release that is compatible to MediaWiki 1.39"
Load more
Retrieved from "https://www.mediawiki.org/wiki/Extension_talk:Auth_remoteuser"