MediaWiki
Presentation
MediaWiki is a wiki software, used by the well known Wikipedia. Several extensions allows to configure SSO on MediaWiki:- http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER
- http://www.mediawiki.org/wiki/Extension:Siteminder_Authentication
- http://www.mediawiki.org/wiki/Extension:HttpAuth
Integration with LemonLDAP::NG
Install extension on MediaWiki
The extension is presented here: http://www.mediawiki.org/wiki/Extension:HttpAuth You can download the code here: http://github.com/oremj/mediawiki-http-auth/downloads You have to install HttpAuthPlugin.php in the extensions/ directory of your MediaWiki installation, and then edit LocalSettings.php:session_start(); $_SERVER['PHP_AUTH_USER'] = $_SERVER['REMOTE_USER']; if ((!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['REMOTE_USER'])) || $_COOKIE[$wgDBserver . 'UserID']) { require_once("$IP/extensions/HttpAuthPlugin.php"); $wgAuth = new HttpAuthPlugin(); $wgHooks['AutoAuthenticate'][] = array($wgAuth,'autoAuthenticate'); }
Configure LemonLDAP::NG
Declare a VirtualHost in Apache for MediaWiki and active SSO, for example:<VirtualHost *> ServerName mediawiki.example.com
# SSO protection PerlHeaderParserHandler My::Package
# DocumentRoot DocumentRoot /var/www/html/mediawiki/ DirectoryIndex index.php
LogLevel warn ErrorLog /var/log/httpd/mediawiki-error.log CustomLog /var/log/httpd/mediawiki-access.log combined </VirtualHost>
If you are using LemonLDAP::NG as proxy, you can use this in your MediaWiki Apache configuration:
SetEnvIfNoCase Auth-User "(.*)" REMOTE_USER=$1
You can also catch the logout page with this rule:
Userlogout => logout_app_sso