Manual talk:Hooks/UserLoadFromSession

Sample Code
Paul Lustgarten 16:10 2 April 2009 (UTC) Found this sample code very helpful - thanks! Posted some notes on it below, in Sample Code Notes.

And 15:01, 3 February 2009 (UTC) WARNING - there's a problem with user admin rights using this code - bug 17339 submitted and this page will be updated when it's fixed.

And 16:21, 21 January 2009 (UTC) I had some problems getting this to work and would have appreciated a sample, so now that I've done it, here's a bowdlerised version of my code.

Sample Code Notes
Hoping to extend the utility of the sample code graciously contributed above, here are some comments I derived from my recent implementation of a similar extension, integrating MediaWiki into my corporation's internal global authentication and single sign-on infrastructure.

Redirects: My PHP installation does not include the (apparently optional) extension for. So, instead of the call to that function given above: I tracked down the MediaWiki's own internal functions for HTTP redirects. Using that instead, the above code would look something like the following:

Sessions & Account creation: I'm not entirely sure how the originally offered code relates to the existing mechanism of sessions that MediaWiki maintains via the PHP SESSION mechanism & associated cookies. For my own version, I choose to preserve & engage that existing mechanism (and avoid introducing any new cookies), consulting the corporate authentication service only when there was no session active (e.g., once a day, rather than on every wiki-page access). This mostly entailed recasting most of the lines from  into the initial section of my authentication function called by the   hook (to identify and honor any existing session), as well as calling a few key housekeeping routines to establish a new session (after creating a new wiki account for this user, if necessary).

Also, my account creation steps ended up looking a little different than in the originally offered code, (partly because I stayed closer to the native set of user attributes), so I include those steps here.

Thus, my main function starts as follows: And it ends as follows (having already confirmed/ensured that we have valid corporate credentials for this user):

And my  function (referenced in the code above) looks like this: -- Paul Lustgarten 19:06 3 April, 2009 (UTC)