Extension:QISSingleSignOn

The QISSingleSignOn extensions coordinates user authentication with a HISQIS or HISinOne portal (HISQIS and HISinOne are used by many German universities to offer campus services).

Linking the authentication server and MediaWiki
Create a link to http://example.com/mediawiki/index.php/Main_Page?qisssotoken=1.0/1115814654/wik/schmidt/d1bf93299de1b68e6d382c893bf1215f

In this example Main_Page is the name of the page you want to link to and qissotoken is the authentication token described below.

Details On The Required Token
The token look lines this (without spaces): 1.0   / 1115814654 /   wiki     / schmidt / d1bf93299de1b68e6d382c893bf1215f version /   time     / service    /  user   /            hash The second parameter is is the token creation time measured in the number of seconds since the Unix Epoch (0:00:00 January 1, 1970 GMT).

The third token is the name of the destination service as configured in the $wgAuthQISSingleSignOnService option in your LocalSettings.php.

The forth token is the user name.

A shared secret is added to theses parameters and the md5 hash is calculated. This hash is used to verify the the token has not been manipulated or forged. The shared secret is only known to the authentication server and your MediaWiki installation ($wgAuthQISSingleSignOnSharedSecret in LocalSettings.php). Without the knowledge of the shared secret it is impossible to calculate the correct hash.

Please note that the separation of user and hash is not the 4th slash but the last one. (The user name may contain '/'-chars).

Weblinks

 * Download the most recent version
 * Git-Repository