Extension talk:PluggableAuth

Jump to navigation Jump to search

About this board

When reporting an error, please be sure to include version information for MediaWiki and all relevant extensions as well as configuration information. Also, please turn on debug logging as described at Manual:How to debug#Logging and include the relevant portions of the debug log.

Summary by Cindy.cicalese

LDAPAuthentication migration issue. Report at Talk:LDAP_hub/Migration_from_extension_LDAPAuthentication.

Ablum010777 (talkcontribs)

I've tried to configure my LocalSettings.php according to LDAP hub/Migration from extension LDAPAuthentication with the local login disabled. As a result the login fields for the user name and the password do not appear and an error message pops up saying "The provided login information could not be verified". So logging in is not possible which makes it impossible for me to migrate from 1.32 to 1.33. Please do something about it.

Cindy.cicalese (talkcontribs)

PluggableAuth extension version lineup

2
Summary by Cindy.cicalese

PluggableAuth version 5.7 is compatible with MW 1.31.

S0ring (talkcontribs)

Is version 5.7 compatible with MW 1.31?

S0ring (talkcontribs)

At first sight it seems to be compatible.

Summary by Cindy.cicalese

Settings for LDAP attributes are (currently) case sensitive

213.138.74.76 (talkcontribs)

Hello!

If i use php extensions/LDAPProvider/maintenance/CheckLogin.php --domain mydomain --username user

Auth is OK


php extensions/LDAPProvider/maintenance/ShowUserInfo.php --domain mydomain --username user

is pretty fine too


But then i trying to auth in usual way i get the error:


[568043a6f699c2aa8ba284f2] /mediawiki/index.php?title=%D0%A1%D0%BB%D1%83%D0%B6%D0%B5%D0%B1%D0%BD%D0%B0%D1%8F:%D0%92%D1%85%D0%BE%D0%B4&returnto=%D0%97%D0%B0%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F+%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0 DomainException from line 612 of /var/lib/mediawiki/includes/auth/AuthManager.php: PluggableAuthPrimaryAuthenticationProvider returned an invalid username:

Backtrace:

#0 /var/lib/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(355): MediaWiki\Auth\AuthManager->continueAuthentication(array)

#1 /var/lib/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(482): AuthManagerSpecialPage->performAuthenticationStep(string, array)

#2 /var/lib/mediawiki/includes/htmlform/HTMLForm.php(660): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)

#3 /var/lib/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(416): HTMLForm->trySubmit()

#4 /var/lib/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(316): AuthManagerSpecialPage->trySubmit()

#5 /var/lib/mediawiki/includes/specialpage/SpecialPage.php(565): LoginSignupSpecialPage->execute(NULL)

#6 /var/lib/mediawiki/includes/specialpage/SpecialPageFactory.php(568): SpecialPage->run(NULL)

#7 /var/lib/mediawiki/includes/MediaWiki.php(288): SpecialPageFactory::executePath(Title, RequestContext)

#8 /var/lib/mediawiki/includes/MediaWiki.php(861): MediaWiki->performRequest()

#9 /var/lib/mediawiki/includes/MediaWiki.php(524): MediaWiki->main()

#10 /var/lib/mediawiki/index.php(42): MediaWiki->run()

#11 {main}


Details:


MediaWiki 1.31.3

PluggableAuth5.4 (300ac44)

LDAPProvider1.0.1 (3d9d3a3)

LDAPAuthentication21.0.0 (954a8f9)


Config:


wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'LDAPProvider' );

wfLoadExtension( 'LDAPAuthentication2' );


$LDAPAuthentication2UsernameNormalizer = 'strtolower';

$LDAPAuthentication2AllowLocalLogin = true;


$LDAPProviderDomainConfigProvider = function() {

   $config = [

       'mydomaincom' => [

           'connection' => [

               "server" => "dc1.mydomain.com",

               "user" => "mydomaincom\\user",

               "pass" => 'Password02',

               "options" => [

                   "LDAP_OPT_DEREF" => 1

               ],

               "basedn" => "DC=mydomain,DC=com",

               "groupbasedn" => "DC=mydomain,DC=com",

               "userbasedn" => "DC=mydomain,DC=com",

               "searchattribute" => "sAMAccountName",

               "searchstring" => "mydomaincom\\USER-NAME",

               "usernameattribute" => "sAMAccountName",

               "realnameattribute" => "cn",

               "emailattribute" => "mail"

           ],

                       "groupsync" => [

                       ],

                       "userinfo" => [

                       ]

       ]

   ];

   return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );

};

$LDAPAuthentication2AllowLocalLogin=true;

$wgShowExceptionDetails = true;


Cindy.cicalese (talkcontribs)

Could you please include the part of the debug log before that point? In particular, was there any previous debugging output from PluggableAuth or any of the LDAP extensions?


@Osnard, does the LDAP config look OK?

MarkAHershberger (talkcontribs)

Debug logs would definitely help. This part is especially confusing:

DomainException from line 612 of /var/lib/mediawiki/includes/auth/AuthManager.php: PluggableAuthPrimaryAuthenticationProvider returned an invalid username:

Somehow you're getting an empty username instead of null or whatever you entered.

Osnard (talkcontribs)

Please check the value of connection.usernameattribute in the domain config of LDAPProvider. Be aware that this value is case sensitive. So if ShowUserInfo.php lists samaccountname a value of samAccountName will not work. These values need to match. There is already a Phabricator task: https://phabricator.wikimedia.org/T226693

Summary by Cindy.cicalese

Configuration issue. Not a problem with PluggableAuth.

Ravikzm (talkcontribs)

Configured Mediawiki to use the simplesamlphp with PluggableAuth extensions. But getting blank page (url : wiki.domain.com/index.php?title=Special:PluggableAuthLogin) when try to access wiki.domain.com but working when access wiki.internal.domain.com

- My wiki lives at wiki.internal.domain.com, but is exposed to the world at wiki.domain.com

in both causes authentication is success.

Details :

Media wiki, PluggableAuth, Simplesamlphp version : 1.32.2

Configuration

$wgSimpleSAMLphp_InstallDir = "D:\home\site\wwwroot\simplesamlphp";

$wgSimpleSAMLphp_AuthSourceId = "aadwiki";

$wgSimpleSAMLphp_UsernameAttribute = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';

$wgSimpleSAMLphp_RealNameAttribute = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';      // Real Name attribute

$wgSimpleSAMLphp_EmailAttribute    = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';    // email address attribute

$wgGroupPermissions['*']['autocreateaccount'] = true;


code

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SimpleSAMLphp

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

    "IPAddress": "167.220.26.111",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",

    "ChronologyProtection": false,

    "ChronologyPositionIndex": 0,

    "ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[PluggableAuth] Authenticated existing user: ravicv

[error] [ea50d7447bb7b57d1992ec8e] /index.php?title=Special:PluggableAuthLogin   ErrorException from line 174 of D:\home\site\wwwroot\includes\Hooks.php: PHP Warning: Parameter 1 to SimpleSAMLphp::populateGroups() expected to be a reference, value given

#0 D:\home\site\wwwroot\includes\Hooks.php(174): MWExceptionHandler::handleError(integer, string, string, integer, array)

#1 D:\home\site\wwwroot\includes\Hooks.php(202): Hooks::callHook(string, array, array, NULL)

#2 D:\home\site\wwwroot\extensions\PluggableAuth\includes\PluggableAuthLogin.php(44): Hooks::run(string, array)

#3 D:\home\site\wwwroot\includes\specialpage\SpecialPage.php(569): PluggableAuthLogin->execute(NULL)

#4 D:\home\site\wwwroot\includes\specialpage\SpecialPageFactory.php(568): SpecialPage->run(NULL)

#5 D:\home\site\wwwroot\includes\MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)

#6 D:\home\site\wwwroot\includes\MediaWiki.php(860): MediaWiki->performRequest()

#7 D:\home\site\wwwroot\includes\MediaWiki.php(517): MediaWiki->main()

#8 D:\home\site\wwwroot\index.php(42): MediaWiki->run()

#9 {main}

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[PluggableAuth] User is authorized.

[session] SessionBackend "nhjgllihdf5qf2ddxxxxxxxnf1e1o09djpav7i4vb" save: dataDirty=1 metaDirty=0 forcePersist=0

[PluggableAuth]

[PluggableAuth] ERROR: return to URL is null or empty

MarkAHershberger (talkcontribs)
Cindy.cicalese (talkcontribs)

You are using an old version of SimpleSAMLphp. That bug was fixed in version 4.4. The current version is 4.5. As best as I can tell from what you have above, you got REL1_32 from ExtensionDistributor, which corresponds to version 4.2. The more recent versions will work with MW 1.32.

Ravikzm (talkcontribs)

Hi Cindy,


I have upgraded the PlugableAuth and Simplesamlphp to 5.7 and 4.5 respectively with MW 1.32.3. still I am seeing the same issue and getting "Fatal error authenticating user' message in UI.

also updated the SimpleSamlphp config to 1.17.4

Log

X-WAWS-UNENCODED-URL: /index.php?title=Special:PluggableAuthLogin

[caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff

[caches] LocalisationCache: using store LCStoreCDB

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" is unsaved, marking dirty in constructor

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" save: dataDirty=1 metaDirty=1 forcePersist=0

[cookie] already deleted setcookie: "wiki_session", "", "1531290464", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiUserID", "", "1531290464", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiToken", "", "1531290464", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1531290464", "/", "", "", "1"

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SimpleSAMLphp

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

    "IPAddress": "167.220.26.111",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",

    "ChronologyProtection": false,

    "ChronologyPositionIndex": 0,

    "ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[PluggableAuth] Authenticated existing user: ravicv

[SimpleSAMLphp] $wgSimpleSAMLphp_GroupMap is not an array

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[PluggableAuth] User is authorized.

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" save: dataDirty=1 metaDirty=0 forcePersist=0

[PluggableAuth] ERROR: return to URL is null or empty

User: loading options for user 8944 from override cache.

[MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache

Unstubbing $wgParser on call of $wgParser::getFreshParser from OutputPage->addWikiTextTitleInternal

Parser: using preprocessor: Preprocessor_DOM

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

MediaWiki::preOutputCommit: LBFactory shutdown completed

Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions->__construct

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" data dirty due to dirty(): User->getEditToken/User->getEditTokenObject/MediaWiki\Session\Session->getToken/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

User: loading options for user 8944 from override cache.

User: loading options for user 8944 from override cache.

[session] SessionBackend "erc1nfki9ueng2dobp0sadfdsfdsfske7hh30780bj" save: dataDirty=1 metaDirty=0 forcePersist=0

OutputPage::sendCacheControl: private caching;  

Ravikzm (talkcontribs)

I have tried MW 1.33.0 and the issue persistent

Cindy.cicalese (talkcontribs)

I see two errors there. The first is:

[SimpleSAMLphp] $wgSimpleSAMLphp_GroupMap is not an array

The second is:

[PluggableAuth] ERROR: return to URL is null or empty

When I have seen the second error, it is usually due to some underlying configuration error in the authentication library. I do see that you are able to authenticate the user, but the session has been cleared by the time you need to get the return to URL. It may be that the first error is causing the second error as a side effect. But, that seems somewhat unlikely (although I encourage you to fix that if you can - are you setting $wgSimpleSAMLphp_GroupMap or is it using its default value?). This seems to be a session-related error. Have you looked at Extension:SimpleSAMLphp#Known_Bugs?

Ravikzm (talkcontribs)

I already verified the known bugs and changed to sql instead of phpsession when i got a infinite loop when authenticating with Azure AAD app.we do not have any group, so not set $wgSimpleSAMLphp_GroupMap and it using default

Cindy.cicalese (talkcontribs)

I filed a bug and submitted a patch for the $wgSimpleSAMLphp_GroupMap warning: https://phabricator.wikimedia.org/T227956.


Regarding the null return to URL, I looked back at your original post and will restate the problem. You mention that logging in with wiki.internal.domain.com gives you a blank page (due to the null return to URL), but logging in with wiki.domain.com does not. The wiki lives at wiki.internal.domain.com, but is exposed to the world at wiki.domain.com. In both cases, you are actually logged in, even though you get the blank page. You can see that in the log:

[PluggableAuth] Authenticated existing user: ravicv

...

[PluggableAuth] User is authorized.


The null return to URL is an indication that the session got cleared or is inaccessible. I would capture the network response from the simpleSAMLphp library redirecting to PluggableAuthLogin, comparing between the access on the two different URLs. I'm wondering if there is an error in the simpleSAMLphp library configuration for the external URL where it is referring to the internal URL or something similar.


To give you some background, the workflow for authentication is as follows. Special:UserLogin redirects to Special:PluggableAuthLogin. The return to URL (the URL of the page to which you should return after authentication is complete) is saved in the session and then a redirect is done by the simpleSAMLphp library to the remote identity provider. When a response is received, the simpleSAMLphp library redirects back to Special:PluggableAuthLogin. The response is processed and then the return to URL is retrieved from the session for a redirect back to the correct page. What is happening here is that the URL is saved, but it is somehow inaccessible after the redirect back to Special:PluggableAuthLogin. The key seems to be the configuration related to the internal/external URLs.

Ravikzm (talkcontribs)

when accessing the MW via external link (wiki.domain.com), the session ("wiki_session" [COOKIE: ARRAffinity=0e33341a591f61ae9bcf90304e488a9c9ec333dcd731e258d7545141a9e14669; wiki_session=j9v7futippng3mddd8676rmad5otusg7082] ) is not set and not sure from where the session name is picked (assuming based on DB name??). The wiki_session is set when I access the MW from wiki.internal.domain.com (see the logs below). Looks the missing session causing the problem.

In SimpleSamlPhp config, I haven't changed any thing related to sessions and configured to use Sqlite instead of PHPSession.

in Local settings I have the below configuration

## The protocol and server name to use in fully-qualified URLs

$wgServer = "https://wiki.domain.com";

wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'SimpleSAMLphp' );

$wgSimpleSAMLphp_InstallDir = "D:\home\site\wwwroot\simplesamlphp";

$wgSimpleSAMLphp_AuthSourceId = "wiki";

$wgSimpleSAMLphp_UsernameAttribute = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';

$wgSimpleSAMLphp_RealNameAttribute = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';      // Real Name attribute

$wgSimpleSAMLphp_EmailAttribute    = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';    // email address attribute

$wgGroupPermissions['*']['autocreateaccount'] = true;

$wgUserrightsInterwikiDelimiter = "%";

$wgInvalidUsernameCharacters = "%:";


Wiki.domain.com log

IP: 1.1.1.1

Start request GET /index.php?title=Special:UserLogin

HTTP HEADERS:

CONTENT-TYPE:

CONTENT-LENGTH: 0

X-APPSERVICE-PROTO: https

X-FORWARDED-PROTO: https

X-ARR-SSL: 2048|256|C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, CN=*.azurewebsites.net

X-FORWARDED-FOR: 1.1.1.1:37085

X-ORIGINAL-URL: /index.php?title=Special:UserLogin

WAS-DEFAULT-HOSTNAME: wiki.domain.com

X-SITE-DEPLOYMENT-ID: wikidomain

DISGUISED-HOST: wiki.domain.com

X-ARR-LOG-ID: b916f493-6952-4293-978d-4c59725928ce

CLIENT-IP: 1.1.1.1:37085

X-WAWS-UNENCODED-URL: /index.php?title=Special:UserLogin

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36

REFERER: https://wiki.domain.com/

MAX-FORWARDS: 10

HOST: wiki.domain.com

COOKIE: ARRAffinity=0e33341a591f61ae9bcf90304e488a9c9ec333dcd731e258d7545141a9e14669

ACCEPT-LANGUAGE: en-US,en;q=0.9,ta;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3

CONNECTION: Keep-Alive

[caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff

[caches] LocalisationCache: using store LCStoreCDB

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" is unsaved, marking dirty in constructor

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=1 forcePersist=0

[cookie] already deleted setcookie: "wiki_session", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiUserID", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiToken", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1531777142", "/", "", "", "1"

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" force-persist due to persist()

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=0 metaDirty=1 forcePersist=1

[cookie] setcookie: "wiki_session", "h06p6o4qts74nvdrf8j3goqf58a1778p", "0", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiUserID", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiToken", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1531777142", "/", "", "", "1"

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" Taking over PHP session

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=0 metaDirty=1 forcePersist=1

[cookie] already set setcookie: "wiki_session", "h06p6o4qts74nvdrf8j3goqf58a1778p", "0", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiUserID", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiToken", "", "1531777142", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1531777142", "/", "", "", "1"

[MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache

Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache->transform

Parser: using preprocessor: Preprocessor_DOM

Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions->__construct

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): LoginSignupSpecialPage->execute/SpecialUserLogin->getToken/MediaWiki\Session\Session->getToken/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): MediaWiki\Auth\ThrottlePreAuthenticationProvider->testForAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): AuthManagerSpecialPage->performAuthenticationStep/MediaWiki\Auth\AuthManager->beginAuthentication/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[authentication] Primary login with PluggableAuthPrimaryAuthenticationProvider returned REDIRECT

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" data dirty due to dirty(): MediaWiki\Auth\AuthManager->beginAuthentication/MediaWiki\Auth\AuthManager->continueAuthentication/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "h06p6o4qts74nvdrf8j3goqf58a1778p" save: dataDirty=1 metaDirty=0 forcePersist=0

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

    "IPAddress": "1.1.1.1",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",

    "ChronologyProtection": false,

    "ChronologyPositionIndex": 0,

    "ChronologyClientId": null

}

MediaWiki::preOutputCommit: LBFactory shutdown completed

OutputPage::sendCacheControl: private caching;  **

[error] [1afd424d6312c4b62a65d370] /index.php?title=Special:UserLogin   ErrorException from line 80 of D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php: PHP Warning: wincache_ucache_add(): function called with a key which already exists

#0 [internal function]: MWExceptionHandler::handleError(integer, string, string, integer, array)

#1 D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php(80): wincache_ucache_add(string, string, integer)

#2 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1385): WinCacheBagOStuff->add(string, integer, integer)

#3 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1275): WANObjectCache->doGetWithSetCallback(string, integer, Closure, array)

#4 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1759): WANObjectCache->getWithSetCallback(string, integer, Closure, array)

#5 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1726): Wikimedia\Rdbms\LoadBalancer->masterRunningReadOnly(boolean, NULL)

#6 D:\home\site\wwwroot\includes\ReadOnlyMode.php(45): Wikimedia\Rdbms\LoadBalancer->getReadOnlyReason()

#7 D:\home\site\wwwroot\includes\ReadOnlyMode.php(29): ReadOnlyMode->getReason()

#8 D:\home\site\wwwroot\includes\GlobalFunctions.php(1199): ReadOnlyMode->isReadOnly()

#9 D:\home\site\wwwroot\includes\MediaWiki.php(962): wfReadOnly()

#10 D:\home\site\wwwroot\includes\MediaWiki.php(912): MediaWiki->triggerJobs()

#11 D:\home\site\wwwroot\includes\MediaWiki.php(731): MediaWiki->restInPeace(string, boolean)

#12 D:\home\site\wwwroot\includes\MediaWiki.php(754): MediaWiki->{closure}()

#13 D:\home\site\wwwroot\includes\MediaWiki.php(548): MediaWiki->doPostOutputShutdown(string)

#14 D:\home\site\wwwroot\index.php(42): MediaWiki->run()

#15 {main}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBQuery] PRAGMA case_sensitive_like = 1

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[DBQuery] SELECT  DISTINCT job_cmd  FROM job    WHERE job_cmd IN ('deletePage','refreshLinks','deleteLinks','htmlCacheUpdate','sendMail','enotifNotify','fixDoubleRedirect','AssembleUploadChunks','PublishStashedFile','ThumbnailRender','recentChangesUpdate','refreshLinksPrioritized','refreshLinksDynamic','activityUpdateJob','categoryMembershipChange','clearUserWatchlist','cdnPurge','userGroupExpiry','clearWatchlistNotifications','enqueue','null')   

Request ended normally

[session] Saving all sessions on shutdown

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database ''.

IP: 1.1.1.1

Start request GET /index.php?title=Special:PluggableAuthLogin

HTTP HEADERS:

CONTENT-TYPE:

CONTENT-LENGTH: 0

X-APPSERVICE-PROTO: https

X-FORWARDED-PROTO: https

X-ARR-SSL: 2048|256|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2|CN=wiki.internal.domain.com

X-FORWARDED-FOR: 1.1.1.1:45361

X-ORIGINAL-URL: /index.php?title=Special:PluggableAuthLogin

WAS-DEFAULT-HOSTNAME: wiki.domain.com

X-SITE-DEPLOYMENT-ID: wikidomain

DISGUISED-HOST: wiki.internal.domain.com

X-ARR-LOG-ID: a4befab0-841b-48e2-b57f-55835085f27f

CLIENT-IP: 1.1.1.1:45361

X-WAWS-UNENCODED-URL: /index.php?title=Special:PluggableAuthLogin

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36

REFERER: https://wiki.domain.com/

MAX-FORWARDS: 10

HOST: wiki.internal.domain.com

ACCEPT-LANGUAGE: en-US,en;q=0.9,ta;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3

CONNECTION: Keep-Alive

[caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff

[caches] LocalisationCache: using store LCStoreCDB

[session] SessionBackend "5dbtjn52abbif1bim6tlr00ah9nb7cje" is unsaved, marking dirty in constructor

[session] SessionBackend "5dbtjn52abbif1bim6tlr00ah9nb7cje" save: dataDirty=1 metaDirty=1 forcePersist=0

[cookie] already deleted setcookie: "wiki_session", "", "1531777144", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiUserID", "", "1531777144", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiToken", "", "1531777144", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1531777144", "/", "", "", "1"

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SimpleSAMLphp

[session] Saving all sessions on shutdown

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

    "IPAddress": "1.1.1.1",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",

    "ChronologyProtection": false,

    "ChronologyPositionIndex": 0,

    "ChronologyClientId": null

}

IP: 1.1.1.1

Start request GET /index.php?title=Special:PluggableAuthLogin

HTTP HEADERS:

CONTENT-TYPE:

CONTENT-LENGTH: 0

X-APPSERVICE-PROTO: https

X-FORWARDED-PROTO: https

X-ARR-SSL: 2048|256|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2|CN=wiki.internal.domain.com

X-FORWARDED-FOR: 1.1.1.1:45361

X-ORIGINAL-URL: /index.php?title=Special:PluggableAuthLogin

WAS-DEFAULT-HOSTNAME: wiki.domain.com

X-SITE-DEPLOYMENT-ID: wikidomain

DISGUISED-HOST: wiki.internal.domain.com

X-ARR-LOG-ID: 9daa4ec8-41bc-43fa-9f02-acac7ef69dd1

CLIENT-IP: 1.1.1.1:45361

X-WAWS-UNENCODED-URL: /index.php?title=Special:PluggableAuthLogin

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36

REFERER: https://login.microsoftonline.com/

MAX-FORWARDS: 10

HOST: wiki.internal.domain.com

COOKIE: SimpleSAMLSessionID=17cef629e8bfe6dc232d330074fd09c4; ARRAffinity=0e33341a591f61ae9bcf90304e488a9c9ec333dcd731e258d7545141a9e14669; SimpleSAMLAuthToken=_e6cb7456688c1425b79ddc21fc7ddcb5b24ee09687

ACCEPT-LANGUAGE: en-US,en;q=0.9,ta;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3

CONNECTION: Keep-Alive

CACHE-CONTROL: max-age=0

[caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff

[caches] LocalisationCache: using store LCStoreCDB

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" is unsaved, marking dirty in constructor

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" save: dataDirty=1 metaDirty=1 forcePersist=0

[cookie] already deleted setcookie: "wiki_session", "", "1531777155", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiUserID", "", "1531777155", "/", "", "1", "1"

[cookie] already deleted setcookie: "wikiToken", "", "1531777155", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1531777155", "/", "", "", "1"

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SimpleSAMLphp

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

    "IPAddress": "1.1.1.1",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",

    "ChronologyProtection": false,

    "ChronologyPositionIndex": 0,

    "ChronologyClientId": null

}

[DBQuery] PRAGMA case_sensitive_like = 1

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[DBQuery] BEGIN DEFERRED

[DBQuery] SELECT  user_id  FROM user    WHERE user_name = 'ravicv'  LIMIT 1  

[PluggableAuth] Authenticated existing user: ravicv

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[PluggableAuth] User is authorized.

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" save: dataDirty=1 metaDirty=0 forcePersist=0

[PluggableAuth] ERROR: return to URL is null or empty

User: loading options for user 8944 from override cache.

[MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache

Unstubbing $wgParser on call of $wgParser::getFreshParser from OutputPage->addWikiTextTitleInternal

Parser: using preprocessor: Preprocessor_DOM

[DBQuery] COMMIT

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

MediaWiki::preOutputCommit: LBFactory shutdown completed

[DBQuery] BEGIN DEFERRED

[DBQuery] SELECT  page_id,page_len,page_is_redirect,page_latest,page_restrictions,page_content_model,page_namespace,page_title  FROM page    WHERE (page_namespace = '2' AND page_title = 'ravicv') OR (page_namespace = '3' AND page_title = 'ravicv') OR (page_namespace = '4' AND page_title IN ('Privacy_policy','About','General_disclaimer') )  

[DBQuery] SELECT  user_id  FROM user_newtalk    WHERE user_id = '8944'  LIMIT 1  

Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions->__construct

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" data dirty due to dirty(): User->getEditToken/User->getEditTokenObject/MediaWiki\Session\Session->getToken/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[DBQuery] SELECT  page_namespace,page_title,page_touched,page_len,page_latest  FROM page    WHERE (page_namespace = '8' AND page_title IN ('Common.js','Vector.js') )  

User: loading options for user 8944 from override cache.

User: loading options for user 8944 from override cache.

[session] SessionBackend "lu2vrklorssss8p8ko3ijor4fuq2cp4og45k" save: dataDirty=1 metaDirty=0 forcePersist=0

OutputPage::sendCacheControl: private caching;  **

[DBQuery] COMMIT

[error] [69cf47e20cdcde01af853bf4] /index.php?title=Special:PluggableAuthLogin   ErrorException from line 80 of D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php: PHP Warning: wincache_ucache_add(): function called with a key which already exists

#0 [internal function]: MWExceptionHandler::handleError(integer, string, string, integer, array)

#1 D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php(80): wincache_ucache_add(string, string, integer)

#2 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1385): WinCacheBagOStuff->add(string, integer, integer)

#3 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1275): WANObjectCache->doGetWithSetCallback(string, integer, Closure, array)

#4 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1759): WANObjectCache->getWithSetCallback(string, integer, Closure, array)

#5 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1726): Wikimedia\Rdbms\LoadBalancer->masterRunningReadOnly(boolean, NULL)

#6 D:\home\site\wwwroot\includes\ReadOnlyMode.php(45): Wikimedia\Rdbms\LoadBalancer->getReadOnlyReason()

#7 D:\home\site\wwwroot\includes\ReadOnlyMode.php(29): ReadOnlyMode->getReason()

#8 D:\home\site\wwwroot\includes\GlobalFunctions.php(1199): ReadOnlyMode->isReadOnly()

#9 D:\home\site\wwwroot\includes\MediaWiki.php(962): wfReadOnly()

#10 D:\home\site\wwwroot\includes\MediaWiki.php(912): MediaWiki->triggerJobs()

#11 D:\home\site\wwwroot\includes\MediaWiki.php(731): MediaWiki->restInPeace(string, boolean)

#12 D:\home\site\wwwroot\includes\MediaWiki.php(754): MediaWiki->{closure}()

#13 D:\home\site\wwwroot\includes\MediaWiki.php(548): MediaWiki->doPostOutputShutdown(string)

#14 D:\home\site\wwwroot\index.php(42): MediaWiki->run()

#15 {main}


Wiki.internal.domain.com log


IP: 1.1.1.1 Start request GET /index.php?title=Special:UserLogin HTTP HEADERS: CONTENT-TYPE: CONTENT-LENGTH: 0 X-APPSERVICE-PROTO: https X-FORWARDED-PROTO: https X-ARR-SSL: 2048|256|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2|CN=wiki.internal.domain.com X-FORWARDED-FOR: 1.1.1.1:31336 X-ORIGINAL-URL: /index.php?title=Special:UserLogin WAS-DEFAULT-HOSTNAME: wiki.domain.com X-SITE-DEPLOYMENT-ID: wikidomain DISGUISED-HOST: wiki.internal.domain.com X-ARR-LOG-ID: 0925a0ca-c619-4ea9-a268-ae5077973906 CLIENT-IP: 1.1.1.1:31336 X-WAWS-UNENCODED-URL: /index.php?title=Special:UserLogin UPGRADE-INSECURE-REQUESTS: 1 USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 REFERER: https://wiki.internal.domain.com/ MAX-FORWARDS: 10 HOST: wiki.internal.domain.com COOKIE: ARRAffinity=0e33341a591f61ae9bcf90304e488a9c9ec333dcd731e258d7545141a9e14669 ACCEPT-LANGUAGE: en-US,en;q=0.9,ta;q=0.8 ACCEPT-ENCODING: gzip, deflate, br ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 CONNECTION: Keep-Alive [caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff [caches] LocalisationCache: using store LCStoreCDB [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" is unsaved, marking dirty in constructor [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=1 forcePersist=0 [cookie] already deleted setcookie: "wiki_session", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "wikiUserID", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "wikiToken", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "forceHTTPS", "", "1531777203", "/", "", "", "1" [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" force-persist due to persist() [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=0 metaDirty=1 forcePersist=1 [cookie] setcookie: "wiki_session", "j9v7futippng3mddd8676rmad5otusg7082", "0", "/", "", "1", "1" [cookie] already deleted setcookie: "wikiUserID", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "wikiToken", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "forceHTTPS", "", "1531777203", "/", "", "", "1" [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" Taking over PHP session [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=0 metaDirty=1 forcePersist=1 [cookie] already set setcookie: "wiki_session", "j9v7futippng3mddd8676rmad5otusg7082", "0", "/", "", "1", "1" [cookie] already deleted setcookie: "wikiUserID", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "wikiToken", "", "1531777203", "/", "", "1", "1" [cookie] already deleted setcookie: "forceHTTPS", "", "1531777203", "/", "", "", "1" [MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache->transform Parser: using preprocessor: Preprocessor_DOM Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions->__construct [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): LoginSignupSpecialPage->execute/SpecialUserLogin->getToken/MediaWiki\Session\Session->getToken/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): MediaWiki\Auth\ThrottlePreAuthenticationProvider->testForAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): AuthManagerSpecialPage->performAuthenticationStep/MediaWiki\Auth\AuthManager->beginAuthentication/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [authentication] Primary login with PluggableAuthPrimaryAuthenticationProvider returned REDIRECT [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): MediaWiki\Auth\AuthManager->beginAuthentication/MediaWiki\Auth\AuthManager->continueAuthentication/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 MediaWiki::preOutputCommit: primary transaction round committed MediaWiki::preOutputCommit: pre-send deferred updates completed [DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff. [DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

   "IPAddress": "1.1.1.1",
   "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",
   "ChronologyProtection": false,
   "ChronologyPositionIndex": 0,
   "ChronologyClientId": null

} MediaWiki::preOutputCommit: LBFactory shutdown completed OutputPage::sendCacheControl: private caching; ** [error] [20a89eee77ff52d9404e5a24] /index.php?title=Special:UserLogin ErrorException from line 80 of D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php: PHP Warning: wincache_ucache_add(): function called with a key which already exists

  1. 0 [internal function]: MWExceptionHandler::handleError(integer, string, string, integer, array)
  2. 1 D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php(80): wincache_ucache_add(string, string, integer)
  3. 2 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1385): WinCacheBagOStuff->add(string, integer, integer)
  4. 3 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1275): WANObjectCache->doGetWithSetCallback(string, integer, Closure, array)
  5. 4 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1759): WANObjectCache->getWithSetCallback(string, integer, Closure, array)
  6. 5 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1726): Wikimedia\Rdbms\LoadBalancer->masterRunningReadOnly(boolean, NULL)
  7. 6 D:\home\site\wwwroot\includes\ReadOnlyMode.php(45): Wikimedia\Rdbms\LoadBalancer->getReadOnlyReason()
  8. 7 D:\home\site\wwwroot\includes\ReadOnlyMode.php(29): ReadOnlyMode->getReason()
  9. 8 D:\home\site\wwwroot\includes\GlobalFunctions.php(1199): ReadOnlyMode->isReadOnly()
  10. 9 D:\home\site\wwwroot\includes\MediaWiki.php(962): wfReadOnly()
  11. 10 D:\home\site\wwwroot\includes\MediaWiki.php(912): MediaWiki->triggerJobs()
  12. 11 D:\home\site\wwwroot\includes\MediaWiki.php(731): MediaWiki->restInPeace(string, boolean)
  13. 12 D:\home\site\wwwroot\includes\MediaWiki.php(754): MediaWiki->{closure}()
  14. 13 D:\home\site\wwwroot\includes\MediaWiki.php(548): MediaWiki->doPostOutputShutdown(string)
  15. 14 D:\home\site\wwwroot\index.php(42): MediaWiki->run()
  16. 15 {main}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection. [DBQuery] PRAGMA case_sensitive_like = 1 [DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'. [DBQuery] SELECT DISTINCT job_cmd FROM job WHERE job_cmd IN ('deletePage','refreshLinks','deleteLinks','htmlCacheUpdate','sendMail','enotifNotify','fixDoubleRedirect','AssembleUploadChunks','PublishStashedFile','ThumbnailRender','recentChangesUpdate','refreshLinksPrioritized','refreshLinksDynamic','activityUpdateJob','categoryMembershipChange','clearUserWatchlist','cdnPurge','userGroupExpiry','clearWatchlistNotifications','enqueue','null') Request ended normally [session] Saving all sessions on shutdown [DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database . IP: 1.1.1.1 Start request GET /index.php?title=Special:PluggableAuthLogin HTTP HEADERS: CONTENT-TYPE: CONTENT-LENGTH: 0 X-APPSERVICE-PROTO: https X-FORWARDED-PROTO: https X-ARR-SSL: 2048|256|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2|CN=wiki.internal.domain.com X-FORWARDED-FOR: 1.1.1.1:31336 X-ORIGINAL-URL: /index.php?title=Special:PluggableAuthLogin WAS-DEFAULT-HOSTNAME: wiki.domain.com X-SITE-DEPLOYMENT-ID: wikidomain DISGUISED-HOST: wiki.internal.domain.com X-ARR-LOG-ID: 30bb8ffa-d39f-4d29-a3c3-d3a51489e110 CLIENT-IP: 1.1.1.1:31336 X-WAWS-UNENCODED-URL: /index.php?title=Special:PluggableAuthLogin UPGRADE-INSECURE-REQUESTS: 1 USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 REFERER: https://wiki.internal.domain.com/ MAX-FORWARDS: 10 HOST: wiki.internal.domain.com COOKIE: ARRAffinity=0e33341a591f61ae9bcf90304e488a9c9ec333dcd731e258d7545141a9e14669; wiki_session=j9v7futippng3mddd8676rmad5otusg7082 ACCEPT-LANGUAGE: en-US,en;q=0.9,ta;q=0.8 ACCEPT-ENCODING: gzip, deflate, br ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 CONNECTION: Keep-Alive [caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff [caches] LocalisationCache: using store LCStoreCDB [session] Session "j9v7futippng3mddd8676rmad5otusg7082" requested without UserID cookie [PluggableAuth] In execute() [PluggableAuth] Getting PluggableAuth singleton [PluggableAuth] Class name: SimpleSAMLphp [session] Saving all sessions on shutdown [DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff. [DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

   "IPAddress": "1.1.1.1",
   "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",
   "ChronologyProtection": false,
   "ChronologyPositionIndex": 0,
   "ChronologyClientId": null

} IP: 1.1.1.1 Start request GET /index.php?title=Special:PluggableAuthLogin HTTP HEADERS: CONTENT-TYPE: CONTENT-LENGTH: 0 X-APPSERVICE-PROTO: https X-FORWARDED-PROTO: https X-ARR-SSL: 2048|256|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 2|CN=wiki.internal.domain.com X-FORWARDED-FOR: 1.1.1.1:31336 X-ORIGINAL-URL: /index.php?title=Special:PluggableAuthLogin WAS-DEFAULT-HOSTNAME: wiki.domain.com X-SITE-DEPLOYMENT-ID: wikidomain DISGUISED-HOST: wiki.internal.domain.com X-ARR-LOG-ID: c3ba597f-a59d-434e-8ac7-ab9748fc36bc CLIENT-IP: 1.1.1.1:31336 X-WAWS-UNENCODED-URL: /index.php?title=Special:PluggableAuthLogin UPGRADE-INSECURE-REQUESTS: 1 USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 REFERER: https://login.microsoftonline.com/ MAX-FORWARDS: 10 HOST: wiki.internal.domain.com COOKIE: ARRAffinity=0e33341a591f61ae9bcf90304e488a9c9ec333dcd731e258d7545141a9e14669; wiki_session=j9v7futippng3mddd8676rmad5otusg7082; SimpleSAMLSessionID=f61d6a6b45f7434c4c33c30736e86041; SimpleSAMLAuthToken=_a3aa5b79e9826397264e42fafa139bf02c90565009 ACCEPT-LANGUAGE: en-US,en;q=0.9,ta;q=0.8 ACCEPT-ENCODING: gzip, deflate, br ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 CONNECTION: Keep-Alive CACHE-CONTROL: max-age=0 [caches] cluster: WinCacheBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: WinCacheBagOStuff, session: WinCacheBagOStuff [caches] LocalisationCache: using store LCStoreCDB [session] Session "j9v7futippng3mddd8676rmad5otusg7082" requested without UserID cookie [PluggableAuth] In execute() [PluggableAuth] Getting PluggableAuth singleton [PluggableAuth] Class name: SimpleSAMLphp [DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection. [DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff. [DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

   "IPAddress": "1.1.1.1",
   "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/75.0.3770.100 Safari\/537.36",
   "ChronologyProtection": false,
   "ChronologyPositionIndex": 0,
   "ChronologyClientId": null

} [DBQuery] PRAGMA case_sensitive_like = 1 [DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'. [DBQuery] BEGIN DEFERRED [DBQuery] SELECT user_id FROM user WHERE user_name = 'ravicv' LIMIT 1 [PluggableAuth] Authenticated existing user: ravicv [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty [PluggableAuth] User is authorized. [session] SessionBackend "j9v7futippng3mddd8676rmad5otusg7082" save: dataDirty=1 metaDirty=0 forcePersist=0 [DBQuery] COMMIT MediaWiki::preOutputCommit: primary transaction round committed MediaWiki::preOutputCommit: pre-send deferred updates completed MediaWiki::preOutputCommit: LBFactory shutdown completed Unstubbing $wgLang on call of $wgLang::hasVariants from OutputPage->sendCacheControl User: loading options for user 8944 from override cache. OutputPage::sendCacheControl: private caching; ** [error] [81cc152dcced23608d4d6b83] /index.php?title=Special:PluggableAuthLogin ErrorException from line 80 of D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php: PHP Warning: wincache_ucache_add(): function called with a key which already exists

  1. 0 [internal function]: MWExceptionHandler::handleError(integer, string, string, integer, array)
  2. 1 D:\home\site\wwwroot\includes\libs\objectcache\WinCacheBagOStuff.php(80): wincache_ucache_add(string, string, integer)
  3. 2 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1385): WinCacheBagOStuff->add(string, integer, integer)
  4. 3 D:\home\site\wwwroot\includes\libs\objectcache\WANObjectCache.php(1275): WANObjectCache->doGetWithSetCallback(string, integer, Closure, array)
  5. 4 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1759): WANObjectCache->getWithSetCallback(string, integer, Closure, array)
  6. 5 D:\home\site\wwwroot\includes\libs\rdbms\loadbalancer\LoadBalancer.php(1726): Wikimedia\Rdbms\LoadBalancer->masterRunningReadOnly(boolean, NULL)
  7. 6 D:\home\site\wwwroot\includes\ReadOnlyMode.php(45): Wikimedia\Rdbms\LoadBalancer->getReadOnlyReason()
  8. 7 D:\home\site\wwwroot\includes\ReadOnlyMode.php(29): ReadOnlyMode->getReason()
  9. 8 D:\home\site\wwwroot\includes\GlobalFunctions.php(1199): ReadOnlyMode->isReadOnly()
  10. 9 D:\home\site\wwwroot\includes\MediaWiki.php(962): wfReadOnly()
  11. 10 D:\home\site\wwwroot\includes\MediaWiki.php(912): MediaWiki->triggerJobs()
  12. 11 D:\home\site\wwwroot\includes\MediaWiki.php(731): MediaWiki->restInPeace(string, boolean)
  13. 12 D:\home\site\wwwroot\includes\MediaWiki.php(754): MediaWiki->{closure}()
  14. 13 D:\home\site\wwwroot\includes\MediaWiki.php(548): MediaWiki->doPostOutputShutdown(string)
  15. 14 D:\home\site\wwwroot\index.php(42): MediaWiki->run()
  16. 15 {main}


Cindy.cicalese (talkcontribs)

Is your remote IdP configured to accept connections from either domain? When you configure authsources.php in simplesamlphp, you may need to set up two SPs, one for each domain.

Ravikzm (talkcontribs)

The same application is working fine with MW 1.26 with simplesaml authentication and we are having only one IdP and "wiki.domain.com" internally redirect the user to"wiki.internal.domain.com" as we are using the $wgServer for protocol-relative URL. so after authentication the user will be landed in "wiki.internal.domain.com"

Cindy.cicalese (talkcontribs)

The internal MediaWiki authentication code was significantly rewritten in MediaWiki 1.27, and the PluggableAuth extension was similarly rewritten to accommodate the new authentication system. So, it is difficult to compare the behavior in 1.26 with the behavior in 1.32. In particular, the session code in MediaWiki was rewritten in MediaWiki 1.27, and this appears to be a session-related issue.

Cindy.cicalese (talkcontribs)
Summary by Cindy.cicalese

The version of PHP being used was not configured with LDAP support.

Fluxxuskb (talkcontribs)

Hi there,

with mediawiki 1.32.1 and LDAPAUTH2, LDAPProvider and PluggableAuth I get the following error:

[ce213266bdb4764c1a89a825] /wiki/wikname/index.php/Spezial:PluggableAuthLogin Error from line 244 of /pathtowiki/extensions/LDAPProvider/src/PlatformFunctionWrapper.php: Call to undefined function ldap_connect()

I put the domain config settings in the json file and set the path in LocalSettings.php:

$LDAPProviderDomainConfigs="/etc/mediawiki/ldapprovider.json";

What is missing?

Cindy.cicalese (talkcontribs)
Fluxxuskb (talkcontribs)

ok thanks that is part of the problem.

Do not show Login page

7
Summary by Cindy.cicalese

PluggableAuth requires MediaWiki 1.29 or later in order to bypass the Login page.

131.176.243.9 (talkcontribs)

Hi,

First of all many thanks for writing the PluggableAuth plugin, this is really nice! Within a day I've managed to write my own plugin to authenticate against our CAS server. This all works fine, I can properly login and logout and it also handles our mechanism for Authorization based on LDAP membership.

The only thing I have not managed to configure is the flow of logging in. I click on the "Log in" link, which returns the Mediawiki Login page when I see the default Mediawiki Login button and the Login with PluggableAuth button. Since we don't allow a login into Mediawiki via a local wiki account, the additional step to click on the PluggableAuth button is for us an extra click we would like to avoid (since there would only be one option). Is there a way to configure PluggableAuth to directly execute the step which would happen when clicking on Login with PluggableAuth without showing the login buttons to the user?

Best regards,

Martin


Cindy.cicalese (talkcontribs)

Hi, Martin.

Thank you for the positive feedback :-)

Bypassing the login page is the default behavior of PluggableAuth, as long as the plugin does not add any other fields to the login page to gather custom information (i.e. adding fields to $wgPluggableAuth_ExtraLoginFields will add fields to the login form). It is unclear, if your plugin is not adding fields, why your plugin does not bypass the login page. You could try to compare to one of the other plugins (e.g. Extension:OpenID Connect) to see if you are doing something different. The code in MediaWiki core to bypass the login form is at https://phabricator.wikimedia.org/source/mediawiki/browse/master/includes/specialpage/LoginSignupSpecialPage.php$305.

Cindy

131.176.243.9 (talkcontribs)

Hi Cindy,

I had a look at the OpenID connector and I don't see anything weird in my own connector, I don't explicitly set $wgPluggableAuth_ExtraLoginFields. What I find strange is that above the "Log in with PluggableAuth" button, I still see the standard "Log in" button for Local logins. If I add explicitly $wgPluggableAuth_EnableLocalLogin = false; in my LocalSettings.php file the button stays. Just to test it, I've added this before and after loading the PluggableAuth extension. I see no difference in behavior. I use PluggableAuth for Mediawiki 1.27, since this is what is currently available for me to test, we don't have a server running yet with a newer version. Is the version maybe too old and is it missing features?

Martin

Cindy.cicalese (talkcontribs)

Ah, yes, the code to bypass the Login page was only added to MediaWiki core in MW 1.29. So, regardless of which version of the PluggableAuth extension you use (you should ideally use the most recent version to get most functionality/bug fixes), you will need to use a more recent version of MediaWiki.

131.176.243.9 (talkcontribs)

Good to know that bypassing the Login page was only implemented in MW1.29. I've requested with the person in charge of the test installation to upgrade Mediawiki to the latest LTS version (1.31), which also requires PHP7, then I will test my plugin again and let you know if it all work as expected. Many thanks for your quick support!

Martin

131.176.243.9 (talkcontribs)

Our server now runs WM1.31 (the latest LTS version) together with PHP7.1 and it all works great now. The Login page is not shown anymore when I click on the Login link. Thanks again for your help!

Martin

Cindy.cicalese (talkcontribs)

Excellent!

simplesamlphp works fine by itself but SSO doesn't

5
Carlo.tognoni (talkcontribs)

I badly need support because after a month of trial and errors I am out of resources.

I am working in a bank environment, trying to let bank users - properly logged in the bank intranet - to access an external Mediawiki hosted on Internet by SSO .

The situation is as follows:

  1. I set up and configured simplesamlphp. If a bank employee calls <server>/simplesaml and uses the "test authentication sources" feature he/she retrieves properly the authentication data
  2. however, if the person clicks on the button "Accedi with SSO" - that calls or should call PluggableAuth, nothing happens

I am quite sure the problem relies on Mediawiki configuration and perhaps I am not understanding properly how the system should work.

Both extensions are installed

PluggableAuth 5.6 (cdeff81)12:18, 11 ott 2018

SimpleSAMLphp 4.2 (72b213a)12:57, 11 ott 2018


In LocalSettings there are the following lines


$wgPluggableAuth_EnableAutoLogin = true;

$wgPluggableAuth_EnableLocalLogin = true;

$wgPluggableAuth_EnableLocalProperties = false;

$wgPluggableAuth_ButtonLabel = 'Accedi con SSO';

$wgPluggableAuth_ExtraLoginFields = [];


$wgSimpleSAMLphp_InstallDir = '/var/simplesamlphp';

$wgSimpleSAMLphp_AuthSourceId = 'url'; // this is the IP provider URL

$wgSimpleSAMLphp_RealNameAttribute = 'RealNameAttribute';

$wgSimpleSAMLphp_EmailAttribute ='EmailAttribute';

$wgSimpleSAMLphp_UsernameAttribute = 'UsernameAttribute';


The mediawiki log file lists the following errors

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: connected to database 0 at 'localhost'.

[session] Session "a68mahldoabm6k6sh07lcoudfd8hm8dg" requested without UserID cookie

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 2998 will be used for SqlBagOStuff

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SimpleSAMLphp

// I have translated here the error message into Italian

[SimpleSAMLphp] Errore con la fonte di autenticazione URL

[PluggableAuth] Authentication failure.

[PluggableAuth] ERROR: Errore con la fonte di autenticazione URL

[CryptRand] 0 bytes of randomness leftover in the buffer.

[session] SessionBackend "a68mahldoabm6k6sh07lcoudfd8hm8dg" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "a68mahldoabm6k6sh07lcoudfd8hm8dg" save: dataDirty=1 metaDirty=0 forcePersist=0

[DBPerformance] Expectation (writes <= 0) by MediaWiki::main not met (actual: 1):

query-m: REPLACE INTO `mw_objectcache` (keyname,value,exptime) VALUES ('X')

....

[error] [163ff528cec15b488ce720df] /dario/index.php/Speciale:PluggableAuthLogin   ErrorException from line 78 of /var/www/html/dario/extensions/PluggableAuth/includes/PluggableAuthLogin.php: PHP Warning: count(): Parameter must be an array or an object that implements Countable

Please help. Thanks in advance for your support


Here there are my contact info

Carlo Tognoni

Milano - ITALY



Cindy.cicalese (talkcontribs)

My guess is that there is something wrong with the form of $wgSimpleSAMLphp_AuthSourceId. As far as I can tell, the error message is returned from the simpleSAMLphp library when it tries to instantiate class SimpleSAML\\Auth\\Simple passing in the value of $wgSimpleSAMLphp_AuthSourceId.

Carlo.tognoni (talkcontribs)

Thank you very much for your support. I have checked $wgSimpleSAMLphp_AuthSourceId and it is configured exactly as the idp in the authsources.php file. Simplesaml works fine: if I try to login with SSO being outside the bank network it asks me for credentials, as I could expect. Inside the bank network, it sends back all the user attributes.

It seems that PluggableAuth doesn't call the authentication process or doesn't wait a time long enough to let the idp answer. Checking the network traffic, there is a delay of about 1 second before MediaWiki returns to the login page.

my email address is carlo.tognoni (at) ct2.it

I will appreciate if you could contact me privately for consultancy support - I need to solve this problem urgently

Thanks again Carlo

Cindy.cicalese (talkcontribs)
Osnard (talkcontribs)

Yes, he already contacted me. Thanks!

Reply to "simplesamlphp works fine by itself but SSO doesn't"
Watcher91 (talkcontribs)

MediaWiki Verison: 1.31

PHP Version: 7.2.1

Web Server: IIS


Good Afternoon,

I have recently installed the above. In order to have this setup correctly I am looking to have it so that only users with the correct AD group can access it AND so that when they do access it they are logged in automatically.

I have been looking at the LDAP hub to try and understand what is required to achieve this but it's all quite confusing.

Before I start installing extentions I wanted clarification on this particular extention.

Am I right in understanding that this extension is primarily used to allow users to login automatically? If so, would authenticating via a windows prompt (Windows Authentication, Basic Authentication) be applicable to this?

Based on the configuration items listed I don't fully understand how it would pass the login variables set via Windows prompt or alternative method.


Lastly am I also correct in saying that an alternative plugin would be required that prevents users from accessing the application if they do not have the required groups?

Cindy.cicalese (talkcontribs)

> Am I right in understanding that this extension is primarily used to allow users to login automatically?

The extension is used to integrate with a external authentication provider. It is possible to configure the extension (using the $wgPluggableAuth_EnableAutoLogin configuration variable) so that the authentication workflow is initiated automatically, rather than having the user have to click on the Login link.

> If so, would authenticating via a windows prompt (Windows Authentication, Basic Authentication) be applicable to this?

I'm not familiar with the Windows environment from this perspective. Depending upon how you have your external authentication provider configured, it is possible that, if the user is already logged in to the environment, the authentication will happen without requiring additional interaction from the user.

> Based on the configuration items listed I don't fully understand how it would pass the login variables set via Windows prompt or alternative method.

If you use Azure ADFS, you might be interested in using this extension, PluggableAuth, with the OpenIDConnect extension (see Extension:OpenID Connect#Example: Using it against Azure ADFS). Authenticating with Azure may also be possible with Extension:SimpleSAMLphp, but I'm not sure of the configuration for that. @Osnard may be able to help you with that.

> Lastly am I also correct in saying that an alternative plugin would be required that prevents users from accessing the application if they do not have the required groups?

Yes, PluggableAuth separates the process of proving who you are (authentication) from determining what you have access to (authorization). Extension:SimpleSAMLphp does provide this additional functionality for controlling access by groups.

Osnard (talkcontribs)
Reply to "PluggableAuth - IIS"
Hlcounterstrike (talkcontribs)

Good evening,


First off, I'd like to thank you for your work on this plugin. It's a lot easier to work with this than try to understand MediaWiki's documentation for their AuthManager. That being said, however, I am still having issues getting this plugin to work properly. I've got my AuthProvider subclass pulling the necessary information from Symfony's security token and passing it to the authorize function (and PluggableAuth confirming that the user is authorized in debug), but I still receive the error: "Login failed in primary authentication by PluggableAuthPrimaryAuthenticationProvider". There also seems to be numerous messages about the session data being dirty, but I'm not sure if that's relevant or normal operation.


I've gone ahead and just set the authorize function to pass static information to PluggableAuth (id null, and username, email, and real name all set to strings) to simply test, and receive the same issue as before. Would you be able to provide any insight to what may be going on? I can send you a complete log if necessary.

Cindy.cicalese (talkcontribs)

Thank you for your kind words.


Yes, seeing the log would be helpful, especially the part before the error. The message about the session data being dirty is normal. It is interesting that even your static test is failing. Could you please also provide the code you are using for the authenticate function?

Hlcounterstrike (talkcontribs)

I appreciate the help on this matter.

IP: (Redacted)

Start request GET /university/wiki/index.php?title=Special:UserLogin

HTTP HEADERS:

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT-LANGUAGE: en-US,en;q=0.9

CONNECTION: keep-alive

DNT: 1

HOST: new.certainty3d.com

REFERER: https://new.certainty3d.com/university/wiki/

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927707 will be used for SqlBagOStuff

[session] SessionBackend "e60eer465i25v3(Redacted)" is unsaved, marking dirty in constructor

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=1 forcePersist=0

[cookie] already deleted setcookie: "certain1_wiki_session", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "certain1_wikiUserID", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "certain1_wikiToken", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1520520908", "/", "", "", "1"

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[session] SessionBackend "e60eer465i25v3(Redacted)" force-persist due to persist()

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=0 metaDirty=1 forcePersist=1

[cookie] setcookie: "certain1_wiki_session", "e60eer465i25v3(Redacted)", "0", "/", "", "1", "1"

[cookie] already deleted setcookie: "certain1_wikiUserID", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "certain1_wikiToken", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1520520908", "/", "", "", "1"

[session] SessionBackend "e60eer465i25v3(Redacted)" Taking over PHP session

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=0 metaDirty=1 forcePersist=1

[cookie] already set setcookie: "certain1_wiki_session", "e60eer465i25v3(Redacted)", "0", "/", "", "1", "1"

[cookie] already deleted setcookie: "certain1_wikiUserID", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "certain1_wikiToken", "", "1520520908", "/", "", "1", "1"

[cookie] already deleted setcookie: "forceHTTPS", "", "1520520908", "/", "", "", "1"

[SQLBagOStuff] Connection 5927707 will be used for SqlBagOStuff

[MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache

Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache->transform

Parser: using preprocessor: Preprocessor_DOM

Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions->__construct

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): LoginSignupSpecialPage->execute/SpecialUserLogin->getToken/MediaWiki\Session\Session->getToken/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

QuickTemplate::__construct was called with no Config instance passed to it

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[authentication] MediaWiki\Auth\LegacyHookPreAuthenticationProvider::testForAuthentication: No username in $reqs, skipping hooks

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->getSecretKeys/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): MediaWiki\Auth\ThrottlePreAuthenticationProvider->testForAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): AuthManagerSpecialPage->performAuthenticationStep/MediaWiki\Auth\AuthManager->beginAuthentication/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->beginPrimaryAuthentication/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[authentication] Primary login with PluggableAuthPrimaryAuthenticationProvider returned REDIRECT

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): MediaWiki\Auth\AuthManager->beginAuthentication/MediaWiki\Auth\AuthManager->continueAuthentication/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

MediaWiki::preOutputCommit: LBFactory shutdown completed

OutputPage::sendCacheControl: private caching; **

Request ended normally

[session] Saving all sessions on shutdown

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

wfClientAcceptsGzip: client accepts gzip.

MediaWiki\OutputHandler::handleGzip() is compressing output

IP: (Redacted)

Start request GET /university/wiki/index.php?title=Special:PluggableAuthLogin

HTTP HEADERS:

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT-LANGUAGE: en-US,en;q=0.9

CONNECTION: keep-alive

COOKIE: certain1_wiki_session=e60eer465i25v3(Redacted)

DNT: 1

HOST: new.certainty3d.com

REFERER: https://new.certainty3d.com/university/wiki/

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[session] Session "e60eer465i25v3(Redacted)" requested without UserID cookie

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927710 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SymfonyAuthProvider

[AuthBridge] [Auth] Begin Symfony Authentication

[SQLBagOStuff] Connection 5927710 will be used for SqlBagOStuff

[PluggableAuth] Authenticated existing user: David

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[PluggableAuth] User is authorized.

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

MediaWiki::preOutputCommit: LBFactory shutdown completed

Unstubbing $wgLang on call of $wgLang::hasVariants from OutputPage->sendCacheControl

User: loading options for user 1 from override cache.

OutputPage::sendCacheControl: private caching; **

Request ended normally

[session] Saving all sessions on shutdown

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

wfClientAcceptsGzip: client accepts gzip.

MediaWiki\OutputHandler::handleGzip() is compressing output

IP: (Redacted)

Start request GET /university/wiki/index.php?title=Special:UserLogin/return&wpLoginToken=12d309e7fd6254f15e36088b(Redacted)

HTTP HEADERS:

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT-LANGUAGE: en-US,en;q=0.9

CONNECTION: keep-alive

COOKIE: certain1_wiki_session=e60eer465i25v3(Redacted)

DNT: 1

HOST: new.certainty3d.com

REFERER: https://new.certainty3d.com/university/wiki/

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[session] Session "e60eer465i25v3(Redacted)" requested without UserID cookie

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927712 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): AuthManagerSpecialPage->handleReturnBeforeExecute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

MediaWiki::preOutputCommit: LBFactory shutdown completed

Unstubbing $wgLang on call of $wgLang::hasVariants from OutputPage->sendCacheControl

OutputPage::sendCacheControl: private caching; **

Request ended normally

[session] Saving all sessions on shutdown

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

wfClientAcceptsGzip: client accepts gzip.

MediaWiki\OutputHandler::handleGzip() is compressing output

IP: (Redacted)

Start request GET /university/wiki/index.php?title=Special:UserLogin

HTTP HEADERS:

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT-LANGUAGE: en-US,en;q=0.9

CONNECTION: keep-alive

COOKIE: certain1_wiki_session=e60eer465i25v3(Redacted)

DNT: 1

HOST: new.certainty3d.com

REFERER: https://new.certainty3d.com/university/wiki/

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[session] Session "e60eer465i25v3(Redacted)" requested without UserID cookie

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927714 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): AuthManagerSpecialPage->handleReturnBeforeExecute/MediaWiki\Auth\AuthManager->removeAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[SQLBagOStuff] Connection 5927714 will be used for SqlBagOStuff

[MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache

Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache->transform

Parser: using preprocessor: Preprocessor_DOM

Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions->__construct

QuickTemplate::__construct was called with no Config instance passed to it

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): PluggableAuthPrimaryAuthenticationProvider->continuePrimaryAuthentication/MediaWiki\Auth\AuthManager->removeAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[authentication] Login failed in primary authentication by PluggableAuthPrimaryAuthenticationProvider

[session] SessionBackend "e60eer465i25v3(Redacted)" data dirty due to dirty(): AuthManagerSpecialPage->handleFormSubmit/AuthManagerSpecialPage->performAuthenticationStep/MediaWiki\Auth\AuthManager->continueAuthentication/MediaWiki\Session\Session->remove/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "e60eer465i25v3(Redacted)" save: dataDirty=1 metaDirty=0 forcePersist=0

[authevents] Login attempt

QuickTemplate::__construct was called with no Config instance passed to it

MediaWiki::preOutputCommit: primary transaction round committed

MediaWiki::preOutputCommit: pre-send deferred updates completed

MediaWiki::preOutputCommit: LBFactory shutdown completed

OutputPage::sendCacheControl: private caching; **

Request ended normally

[session] Saving all sessions on shutdown

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

wfClientAcceptsGzip: client accepts gzip.

MediaWiki\OutputHandler::handleGzip() is compressing output

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[caches] LocalisationCache: using store LCStoreDB

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927717 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[SQLBagOStuff] Connection 5927717 will be used for SqlBagOStuff

[MessageCache] MessageCache::load: Loading en... local cache is empty, got from global cache

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927719 will be used for SqlBagOStuff

[SQLBagOStuff] Connection 5927719 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[caches] cluster: SqlBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

"IPAddress": "(Redacted)",

"UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/72.0.3626.121 Safari\/537.36",

"ChronologyProtection": false,

"ChronologyPositionIndex": 0,

"ChronologyClientId": null

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openLocalConnection: connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 5927721 will be used for SqlBagOStuff

[SQLBagOStuff] Connection 5927721 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

[DBConnection] Wikimedia\Rdbms\LoadBalancer::closeAll: closing connection to database 'localhost'.

My authenticate function after testing with passing static data: public function authenticate(&$id, &$username, &$realname, &$email, &$errorMessage){

     wfDebugLog( 'AuthBridge', '[Auth] Begin Symfony Authentication');
     // Let's set up an error message. Upon error, this should be
     // overwritten, so if we hard-fail we can provide an accurate
     // reason as to why.
     $errorMessage = 'error-unknown';
     $params = [];
     $id = null;
     $username = $email = 'email@email.com';
     $realname = 'David';
     return true;

}

Cindy.cicalese (talkcontribs)

I don't see anything obviously and definitively wrong, but I do have several questions.

Which version of PluggableAuth are you using?

In your static test, I believe you should use a username that does not have a '@' in it. Also, if the user already exists, you should set $id to the user ID of that user.

It is odd that you get:

[PluggableAuth] User is authorized.

with no indication of an error after it, but you then get:

[authentication] Login failed in primary authentication by PluggableAuthPrimaryAuthenticationProvider

later. The fact that you are setting $errorMessage to something other than null should cause an error, actually, but you should also see an error message. That's why I'm wondering if you're using an older version of PluggableAuth.

Hlcounterstrike (talkcontribs)

I set up a brand new wiki to test some things. I had the errormessage being overwritten in my authentication class, so I've gone and removed that so Pluggable would give me errors. The login form is now giving me the error: "Auto-creation of a local account failed: You have not specified a valid username". I plugged in testing1 for the username (which should be valid by any means) in the static authentication function, but that didn't seem to do much. I've also gone and manually traced through some of PluggableAuthPrimaryAuthenticationProvider and it seems to be running User::newFromName just fine (and returning a valid user object) so I don't know where the issue lies.

I think I'd grabbed the latest version of PluggableAuth. The extension.json says 5.6.

I was trying to test the autocreation of the user in the static function I had set up, but did attempt to manually set the ID to an existing user to see if logging in to an existing user would work. Didn't seem to in my initial test.

Hlcounterstrike (talkcontribs)

So I think what may have been causing all of these problems was having that error message set.

I didn't immediately see changes because of caching, but it seems to be working now in the new test wiki I had set up. I'll let you know if it gets resolved.

Reply to "PluggableAuth & Symfony"

New user help (PluugableAuth + PluggableSSO + Active Directory)

7
Revansx (talkcontribs)

Hello,

I am setting up a new MW 1.29 application on a secure RHEL7+Apache2+PHP5.6+MariaDB5.5 host running in an Active Directory enterprise environment. All client browsers that will access the wiki have user session attributes in the header authenticated by the domain. When users visit the MW site, I would like MW to automatically log-in the users (and create new users as needed) from the authentication information in the browser session header. I am told by my enterprise security admins that the session header data is compatible with Siteminder (i.e. SM_SDOMAIN, etc..)

[Q1] Will I need anything beyond PluggableAuth and PluggableSSO? (like say Mod_auth_ker?)

[Q2] Will I need to configure either of these for my domain or should it just work?

So far I have successfully installed PluggableAuth and PluggableSSO and added the following to LocalSettings.php?

$wgPluggableAuth_EnableAutoLogin = true;

$wgPluggableAuth_EnableLocalLogin = true;

$wgPluggableAuth_EnableLocalProperties = false;

$wgPluggableAuth_Class = "PluggableSSO";

wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'PluggableSSO' );

but it does not work as straightforwardly as hoped.

I have set $wgShowDebug = true; in my Localsettings.php and can see all of the session data and trace info, but I don't know how to interpret it as well as i'd like.

[Q3] My local login no longer works either. Is this to be expected?

Any advice from the authentication gurus is greatly appreciated :-)

Thanks in advance,

-Rich

Revansx (talkcontribs)
Revansx (talkcontribs)

from the DebugData, here is what I think is the interesting/telling part:

  • QuickTemplate::__construct was called with no Config instance passed to it
  • [authentication] Primary login with PluggableAuthPrimaryAuthenticationProvider succeeded
  • [authentication] Primary login with PluggableAuthPrimaryAuthenticationProvider succeeded, but returned no user
Revansx (talkcontribs)

[SOLVED] .. I wound up using the Extension: “Auth_remoteuser”

https://www.mediawiki.org/wiki/Extension:Auth_remoteuser

using something like this:

wfLoadExtension( 'Auth_remoteuser' );

$wgGroupPermissions['*']['createaccount'] = false;

$wgGroupPermissions['*']['autocreateaccount'] = true;

$wgAuthRemoteuserUserName = $_SERVER["HTTP_MYCOMPANYUID"];

$wgAuthRemoteuserUserPrefsForced = [

    'email' => $_SERVER["HTTP_MYCOMPANYEMAIL"],

    'realname' => $_SERVER["HTTP_CN"]

];

This denies users the ability to manually create accounts, but allows the extension to do so upon first visit when the session variables are set by the server. Sorry to trouble everyone here with what is probably a very simple goal, but maybe it will help another user like me.. in the meantime.. i would still be interested in how this might be implemented using the PluggableAuth and PluggableSSO extentions... but i'm in no hurry to switch now.

Thank you, all.

-Rich

Packetboxer (talkcontribs)

Are you able to confirm how you setup AD with MediaWiki? Are all 3 extensions (PluggableAuth, PluggableSSO, and Auth_remoteuser) all required to successfully integrate AD? I haven't had any success with PluggableAuth/PluggableSSO on their own. Although admittedly I feel I'm missing something somewhere that allows me to enter the Domain Controller details (ie server name, and domain admin to confirm users with AD).

Crismagnabosco (talkcontribs)

Hello @Packetboxer, did you solve this problem yet? If yes, how have you done it? Are you using to use PluggableSSO, Auth_remoteuser or both? I'm with the same trouble and I don't know how is the better way to choose.

Thanks

Revansx (talkcontribs)

Does your server enforce an immutable sessions from an external identity provider? (Mine does. It uses CA SiteMinder). This means that is a user is able to visit my wiki at all it is guaranteed that they will have a session cookie that I can trust that has properties that Auth_RemoteUser can read to identify them. In this scenario I don't need PluggableSSO. I think you only need PluggableSSO if the wiki is expected to query an active directory or a remote LDAP server. For me that query has already been done at an external site enforced by SiteMinder.

Reply to "New user help (PluugableAuth + PluggableSSO + Active Directory)"