Extension:NetworkAuth

This page is a translated version of the page Extension:NetworkAuth and the translation is 24% complete.
MediaWiki 拡張機能マニュアル
NetworkAuth
リリースの状態: 安定
実装 利用者識別 , 利用者権限 , フック
説明 Allows to automatically authenticate users coming from certain network addresses
作者 Olaf Lenz (Olenzトーク)
最新バージョン 2.2
MediaWiki >= 1.35.0
データベースの変更 いいえ
ライセンス GNU 一般公衆利用許諾書 2.0 以降
ダウンロード
  • $wgNetworkAuthUsers
  • $wgNetworkAuthSpecialUsers
四半期ごとのダウンロード数 5 (Ranked 131st)
translatewiki.net で翻訳を利用できる場合は、NetworkAuth 拡張機能の翻訳にご協力ください
問題点 未解決のタスク · バグを報告

The NetworkAuth extension is intended to bind particular network addresses to specific users. When the wiki is accessed from a specific network address, they will be automatically logged in with the specified user name. When a wiki is configured not to allow anonymous read and/or write access, the extension can be used to grant read and write access for users from particular network addresses (e.g., from the intranet of a company).

インストール

  • ダウンロードして、ファイルをextensions/フォルダー内のNetworkAuthという名前のディレクトリ内に配置します。
    開発者とコード寄稿者は、上記の代わりに以下を使用してGitからインストールします:cd extensions/
    git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/NetworkAuth
  • 以下のコードを LocalSettings.php ファイルの末尾に追加します:
    wfLoadExtension( 'NetworkAuth' );
    
  • Configure as required.
  •   完了 – ウィキの「Special:Version」に移動して、拡張機能が正しくインストールされたことを確認します。

設定

To configure the extension, set the configuration parameter $wgNetworkAuthUsers in LocalSettings.php , and optionally the configuration parameter $wgNetworkAuthSpecialUsers.

Basic configuration

The configuration parameter $wgNetworkAuthUsers is an array that can contain one or several arrays to configure what user is logged in when a wiki page is loaded from a specific network address. NetworkAuth only becomes active when a user is not logged in already. When NetworkAuth detects an attempt to load a page by an anonymous user, it will check whether the source IP address of the request is matched by any of the records in $wgNetworkAuthUsers. If it is, it will log in to the specified user.

The username defined in the configuration must be for a user that already exists in MediaWiki.

Example
wfLoadExtension( 'NetworkAuth' );

// Log-in unlogged users from these networks
$wgNetworkAuthUsers[] = [
	'iprange' => [
        '127.0.0.1',
	    '10.1.10.0/24',
	    '10.2.10.152/32'
    ],
	'user'    => 'NetworkAuthUser',
];

// Log-in unlogged users when IP matches this regular expression
$wgNetworkAuthUsers[] = [
	'ippattern' => '/10\.1\.10\..*/',
	'user'      => 'NetworkAuthUser',
];

// Log-in unlogged users when IP’s reverse DNS lookup matches this domain
$wgNetworkAuthUsers[] = [
	'hostpattern' => '/.*\.domain\.example\.com/i',
	'user'        => 'AdminComputer',
];

/* To use the contents of the page MediaWiki:Networkauth-ips
 * (Where the page is formatted as a '*' followed by either an IP or range)
 */
$wgNetworkAuthUsers[] = [
	'ipmsg' => 'networkauth-ips',
	'user'  => 'Foo',
];

Optional configuration

 
Personal header when connected with a user configured in $wgNetWorkAuthSpecialUsers

It might be a good idea not to use NetworkAuth to log in to a normal user account but to a special user account instead that exists exclusively for this purpose (e.g., "NetworkAuthUser"). In that case, one can add this account to the configuration parameter $wgNetWorkAuthSpecialUsers. Users in this list do not get the normal list of Personal Urls. Instead, the PersonalUrls show:

  • that the user is logged in via the NetworkAuth extension
  • the IP address of the user
  • a link to log out
  • a link to log in
Example
$wgNetworkAuthSpecialUsers[] = 'NetworkAuthUser';

関連項目