AuthPlugin/cs

Rozhraní autentizačního pluginu až do MediaWiki 1.26.



Existující autentizační pluginy
Existují ověřovací pluginy pro mnoho případů, jako je IMAP, LDAP a další. uvádí tato rozšíření.



Vytváření nových ověřovacích pluginů
Pokud potřebujete napsat svůj vlastní plugin, podívejte se na zdrojový dokument na adrese Zdrojová dokumentace MediaWiki (viz také nejnovější zdrojový kód)

Vytvořte instanci podtřídy AuthPlugin a nastavte na ni pro ověření proti nějakému externímu zdroji.

The default behavior is not to do anything, and use the local user database for all authentication. A subclass can require that all accounts authenticate externally, or use it only as a fallback; also you can transparently create internal wiki accounts the first time someone logs in who can be authenticated externally.

Fall-back
As mentioned above, a subclass can fall back to local (i.e. mediawiki db) authentication. It does this by returning false when its strict method is being called. The $wgUser object then proceeds to compare the submitted password to the one in its database.

See this excerpt of includes/User.php for details, method checkPassword:

if( $wgAuth->authenticate( $this->getName, $password ) ) { return true; } elseif( $wgAuth->strict ) { /* Auth plugin doesn't allow local authentication */ return false; } elseif( $wgAuth->strictUserAuth( $this->getName ) ) { /* Auth plugin doesn't allow local authentication for this user name */ return false; } if ( self::comparePasswords( $this->mPassword, $password, $this->mId ) ) { return true;

As you can see, it is even possible for the AuthPlugin to allow only certain users to fall back to their passwords stored locally by returning false when its strictUserAuth is being called next.

Installation
Put the files in the extensions folder (preferably a sub folder), than add something akin to the below to your LocalSettings.php

External Sessions
In order to check the login status against some external session management scheme, use the AutoAuthenticate hook (MediaWiki 1.5 - 1.12) or UserLoadFromSession (since MediaWiki 1.13). You may also use (since MediaWiki 1.14). These hooks can be used to implement a single-signon setup, in addition to simple account sharing.