Topic on Extension talk:PluggableAuth

New Extension:AuthRemoteUser

1
Oetterer (talkcontribs)

Hey


I created a new extension, using PluggableAuth. It aims to reproduce Extension:Auth remoteuser in its first incarnation: have one page in your wiki that checks for REMOTE_USER and uses it to authenticate. Unfortunately, I have only basic knowledge of remote authentication and mediawiki's authentication process. I basically just copied from here and there, so maybe someone with a bit more knowledge can have a look at the source code and check, if there is no major foo bar in it.</nowiki>


What the extension does:

  • it registers with pluggable auth (via callback)
  • creates a new unlisted special page (source code is a verbatim copy of PluggableAuth's PluggableAuthLogin.php
  • the authentication method in the child class of MediaWiki\Extension\PluggableAuth\PluggableAuth checks, if it is colled from the extension's special page
  • if not, it redirects to it (via header())
  • if so, it reads $_SERVER['REMOTE_USER'] and uses the username of the principal for authentication
  • optional: does a domain match

Help and feedback is appreciated. Thanks in advance.

Reply to "New Extension:AuthRemoteUser"