Manual talk:Hooks/UserLoadFromSession

Sample Code
Paul Lustgarten 16:10 2 April 2009 (UTC) Found this sample code very helpful - thanks! Posted some notes on it below, in Sample Code Notes.

And 15:01, 3 February 2009 (UTC) WARNING - there's a problem with user admin rights using this code - bug 17339 submitted and this page will be updated when it's fixed.

And 16:21, 21 January 2009 (UTC) I had some problems getting this to work and would have appreciated a sample, so now that I've done it, here's a bowdlerised version of my code.

Sample Code Notes
Hoping to extend the utility of the sample code graciously contributed above, here are some comments I derived from my recent implementation of a similar extension, integrating MediaWiki into my corporation's internal global authentication and single sign-on infrastructure.

Redirects: My PHP installation does not include the (apparently optional) extension for http_redirect. So, instead of the call to that function given above: I tracked down the MediaWiki's own internal functions for HTTP redirects. Using that instead, the above code would look something like the following:

Sessions & Account creation: I'm not entirely sure how the originally offered code relates to the existing mechanism of sessions that MediaWiki maintains via the PHP SESSION mechanism & associated cookies. For my own version, I choose to preserve & engage that existing mechanism (and avoid introducing any new cookies), consulting the corporate authentication service only when there was no session active (e.g., once a day, rather than on every wiki-page access). This mostly entailed recasting most of the lines from User::loadFromSession into the initial section of my authentication function called by the UserLoadFromSession hook (to identify and honor any existing session), as well as calling a few key housekeeping routines to establish a new session (after creating a new wiki account for this user, if necessary).

Also, my account creation steps ended up looking a little different than in the originally offered code, (partly because I stayed closer to the native set of user attributes), so I include those steps here.

Thus, my main function starts as follows: And it ends as follows (having already confirmed/ensured that we have valid corporate credentials for this user):

And my XXXcreateAcct function (referenced in the code above) looks like this: -- Paul Lustgarten 19:06 3 April, 2009 (UTC)