Hey
I created a new extension, using PluggableAuth. It aims to reproduce Extension:Auth remoteuser in its first incarnation: have one page in your wiki that checks for REMOTE_USER
and uses it to authenticate. Unfortunately, I have only basic knowledge of remote authentication and mediawiki's authentication process. I basically just copied from here and there, so maybe someone with a bit more knowledge can have a look at the source code and check, if there is no major foo bar in it.</nowiki>
What the extension does:
- it registers with pluggable auth (via callback)
- creates a new unlisted special page (source code is a verbatim copy of PluggableAuth's
PluggableAuthLogin.php
- the authentication method in the child class of
MediaWiki\Extension\PluggableAuth\PluggableAuth
checks, if it is colled from the extension's special page - if not, it redirects to it (via
header()
) - if so, it reads
$_SERVER['REMOTE_USER']
and uses the username of the principal for authentication - optional: does a domain match
Help and feedback is appreciated. Thanks in advance.