[dokuwiki] Re: sharing dokuwiki authentication
- From: Grant Gardner <grant@xxxxxxxxxxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Wed, 12 Sep 2007 21:25:42 +1000
Jason,
If I understand correctly you want single sign on (SSO) between wikis in your
wiki farm
>From my reading of the code it is inc/auth.php that does the cookie
thing by storing/checking an encrypted version of the user and password.
The name of the cookie is defined in inc/init.php
if (!defined('DOKU_COOKIE')) define('DOKU_COOKIE', 'DW'.md5(DOKU_URL));
As you can see the name of the cookie is dependant on the base url (DOKU_URL),
so
you'll need to do something about that if this is different for each of your
course wikis.
eg use PHP's "prepend" facility to set DOKU_COOKIE to something common
Secondly the encryption depends on a salt value that is randomly
generated on first use and stored in $conf['metadir'].'/_htcookiesalt'
so you'll need to make sure all the wikis have the same value in this file.
eg. generate one and then use a symbolic link for all the others.
Presumably you've already configured each wiki to share the users.auth.php file
or equivalent
for whatever authentication method you are using.
Good luck!
Cheers
Grant.
On Tue, 2007-09-11 at 16:19 -0400, Jason Keltz wrote:
> On 08/29/07 17:43, Mark McCoy wrote:
> > On 8/24/07, Jason Keltz <jas@xxxxxxxxxxxx> wrote:
> >> Hi.
> >>
> >> I'm wondering whether it is possible to share authentication information
> >> between local DokuWikis. That is, I have a whole bunch of wikis served by
> >> the same system that have the same user base. I have my own custom
> >> DokuWiki authentication module for authenticating our users in DW. I
> >> would like to have a web page where a user signs in, and from there, they
> >> can access any of the local DokuWikis as if they have logged in. Each of
> >> the wikis can have different ACLs, etc.
> >>
> >> Any ideas?
> >>
> >> Jason.
> >> --
> >> DokuWiki mailing list - more info at
> >> http://wiki.splitbrain.org/wiki:mailinglist
> >>
> >
> > We use the built-in LDAP authentication for this. You can even use
> > the LDAP groups to handle ACL's.
>
> Hi Mark.
>
> I'm not sure if we're talking about the same thing. I would like to be
> able to authenticate once to one Wiki, and then as long as my other
> Wikis are using the same authentication back-end, I don't want to have
> to login again to the others. I should appear as already having logged
> in. I'm already sharing the same authentication information between
> Wikis, and that works, but I still have to login with the same username
> and password to all of my wikis. I wonder if its possible to share the
> authentication "cookie". Can anyone explain how the cookies work with
> DokuWiki and whether this is possible?
> (Basically, I have a bunch of "course" Wikis all for different courses
> in our department. I want a "student" to be able to login once, and
> then they can access all the Wikis. I guess it's the kind of thing I
> could do if I was using htaccess authentication, but then the user
> couldn't logout without closing the browser, and I'd lose using the User
> Manager, etc..)
>
> Jason.
>
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
