Extension:HttpAuth

Overview
This extension only works with MediaWiki instances setup behind HTTP authentication. It pulls usernames from. The extension will then either log the user on to MediaWiki if the user name exists in the database or create a new user if it does not.

Installation
Drop the extension in

Edit LocalSettings.php and add:

if (!empty($_SERVER['PHP_AUTH_USER'])) { require_once("$IP/extensions/HttpAuthPlugin.php"); $wgAuth = new HttpAuthPlugin; $wgHooks['AutoAuthenticate'][] = array($wgAuth,'autoAuthenticate'); }

also remember to add session_start; at the top of the page.

Name Substitution
This extension also supports name substitution. For example if the user's Http Auth username is foo and the user would like their wiki name to be bar we can do this:

$wgAuth->addNameSub('foo','bar');

Do this directly after instantiating the object

Allowing Anonymous Browsing
If you want to allow anonymous users to browse the site without hitting a basic auth popup and you have clean URLs configured you can place some code like this near the top of your LocalSettings.php script:

function redirect($path) { $host = strlen($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:$_SERVER['SERVER_NAME']; header('Location: http://'.$host.$path); header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0'); exit; } if ($_GET['title'] == 'Special:Userlogin') { redirect('/Special:Userlogin?returnto='.$_GET['returnto']); } if (strpos($_SERVER['REQUEST_URI'], '/Special:Userlogin') !== false) { if ($_GET['returnto']) { redirect('/'.$_GET['returnto']); }  else { redirect('/Main_Page'); } }

This will make sure that whenever a user clicks the 'log on' link they are redirected to /Special:Userlogin (if necessary). Apache can then be configured with the authentication inside a  directive, which will pop up the authentication box for that URL only. Finally, when they reach that URL (having authenticated) we redirect them to wherever they came from, if that information was provided by the link. The user should then be logged in.

Note: This code has not been tested in multiple server configurations - expect to need to tweak this code for your specific setup! Also note, this does not easily allow users to log out.