Log into my MediaWiki site when specific users are logged into my website on a different server
Log into my MediaWiki site when specific users are logged into my website on a different server
I have a ASP.NET/C# website using IIS that when a user logs in successfully (Using login control and checking oracle table for user info) I create a session variable that lets the site know the user is authenticated. I have also created a Wiki site using Media Wiki which I have hosted on a different web server. I'm going to link to the Wiki from my main website where the user logged in.
What I need to do is when a specific users log into my main site I want them to be logged into my Wiki site as well when they navigate to that page. I want them to be able to edit the Wiki without having to log in again.
This will only be for a handful of people that will be flagged in my user table on my main site and already have user accounts on my Wiki site. What would be the best approach?
I did read the information on the Media Wiki website and it wasn't helpful for IIS and how to set it up. For MediaWiki to know what user I want to have be logged in to I have to manually set the remote_user enviroment variable or can I tell MediaWiki to look for my session variable value?
These MediaWiki extensions might also help: mediawiki.org/wiki/Category%3aUser_identity_extensions
– Kev
Sep 10 '18 at 17:06
Thank you, Kev I will look into everything you posted. I have to find a way to take some indicator that the user is validated on my site and tell my Wiki site that they are validated. The Remote_User seems to be the windows login. Thanks again.
– Jerry Warra
Sep 10 '18 at 17:39
I'm sorry if I'm missing the obvious, but I still can't find a good way to do this. Can I pass something in a page header when the user clicks the link to the wiki?
– Jerry Warra
Sep 11 '18 at 17:38
1 Answer
1
The internal MediaWiki mechanism for this is the SessionProvider (somewhat complex and the documentation is highly technical). A simple implementation that just pushes the burden of authentication to the web server software is the Auth remoteuser extension.
Otherwise, if you share a domain, you could set cookies in your primary application in some kind of verifiable fashion (e.g. digitally signed) and verify them on your wiki. If you don't, the wiki will have to trigger a web request to the primary application, which would check the cookie and respond with an authentication status, and the wiki would set its cookies based on that.
Thank you so much Tgr for your help. I will look into everything you mentioned and report back.
– Jerry Warra
Sep 12 '18 at 13:01
Thanks for contributing an answer to Stack Overflow!
But avoid …
To learn more, see our tips on writing great answers.
Required, but never shown
Required, but never shown
By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.
Looks like you're looking for a "single sign-on" mechanism. There's a whole bunch of ways you could implement this which would be beyond the scope of an answer on StackOverflow. Here's some implementations that might help: en.wikipedia.org/wiki/List_of_single_sign-on_implementations. You could bodge a mechanism into MediaWiki kinda along the lines of what I did once before with a product called "ScrewTurn" wiki: stackoverflow.com/a/6088373
– Kev
Sep 10 '18 at 17:04