Difference between revisions of "Using eDirectory to control access to MediaWiki"

From MicroFocusInternationalWiki
Jump to: navigation, search
(Configuration)
Line 32: Line 32:
 
  require_once( 'LdapAuthentication.php' );
 
  require_once( 'LdapAuthentication.php' );
 
  $wgAuth = new LdapAuthenticationPlugin();
 
  $wgAuth = new LdapAuthenticationPlugin();
  $wgLDAPDomainNames = array( "wikidemo.org" );
+
  $wgLDAPDomainNames = array( "wikidemo" );
  $wgLDAPServerNames = array( "wikidemo.org"=>"edir.wikidemo.org"  );
+
  $wgLDAPServerNames = array( "wikidemo"=>"edir.wikidemo.org"  );
  $wgLDAPSearchStrings = array( "wikidemo.org"=>"cn=USER-NAME,ou=users,o=novell"   );
+
  $wgLDAPSearchStrings = array( "wikidemo"=>"cn=USER-NAME,ou=users,o=novell" );
  $wgLDAPUseSSL = false;
+
  $wgLDAPUseSSL = true;
 
  $wgLDAPUseLocal = false;
 
  $wgLDAPUseLocal = false;
 
  $wgLDAPAddLDAPUsers = false;
 
  $wgLDAPAddLDAPUsers = false;

Revision as of 18:15, 5 March 2006

The goal of this page is to configure MediaWiki to use eDirectory for user authentication based on group membership.

Prerequisites

Before we begin I am going to assume that you have the following configured:

  • MediaWiki 1.5+ Configured and running on Server (I'm working on another wiki right now that will detail the steps needed to get MediaWiki running on SLES 9
  • eDirectory installed and configured (I'm using eDirectory 8.8)

Here is how my servers are configured for reference

  • eDirectory Server has a DNS name of edir.wikidemo.org
  • wiki server has a DNS name of wiki.wikidemo.org
  • eDirectory configuration
    • users are in ou=users,o=novell
    • created a group called wiki in the users OU

Installation

Download the latest version of the MediaWiki LDAP module from http://meta.wikimedia.org/wiki/LDAP

The module is called LDAP_Authentication and is saved into your MediWiki directory.

I'm running on SLES, so my directory is /srv/www/htdocs/wiki

Configuration

The LDAP_Authentication receives parameters from your localSettings.PHP to tell it how it should be configured and behave.


Here are my updates to my localSettings.PHP

require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "wikidemo" );
$wgLDAPServerNames = array( "wikidemo"=>"edir.wikidemo.org"  );
$wgLDAPSearchStrings = array( "wikidemo"=>"cn=USER-NAME,ou=users,o=novell" );
$wgLDAPUseSSL = true;
$wgLDAPUseLocal = false;
$wgLDAPAddLDAPUsers = false;
$wgLDAPUpdateLDAP = false;
$wgLDAPMailPassword = false;
$wgLDAPRetrievePrefs = false;
$wgMinimalPasswordLength = 1;