[wp-hackers] Single sign-on with Wordpress & Mediawiki

Callum Macdonald lists.automattic.com at callum-macdonald.com
Mon Oct 29 18:26:08 GMT 2007


Integrating WordPress and MediaWiki should be relatively simple.

MediaWiki relies on a couple of cookies being set, one of them contains 
a "key" that's set in the MW user table. So on WP login, you need to 
update the "key", set the cookies, and you should be off. I know it's 
that easy with WordPress.

If you can use bbPress for the forum, you'll have all three from one 
login in a snap (I reckon less than an hours work and probably 40 lines 
of code).

Cheers - Callum.

Jan Bucher wrote:
> I am working on exactly the same Setup (Vanilla, MW, WP). Until now i
> did not care about cookies, so no help there. But a good thought:
>
> Vanilla has the most extensive User-System, because of the
> Group-System (you can actually create your own roles/groups). I needed
> that, so my starting point had to be vanilla ..
>
> You can now very easily hook the vanilla authentication into MW, using
> the following 'plugin' (which by the way is not really a plugin, just
> a howto sold as plugin):
> http://lussumo.com/addons/index.php?PostBackAction=AddOn&AddOnID=130
>
> If you don't plan to use the extra-features, try bbpress. Seems to be
> more reliable and the installation process is a lot easier than
> vanilla.
>
> And if you find a good soluton ... let us know .. ;)
>
> Jan
>
> On 10/27/07, Sneaks <0vcqn5q02 at sneakemail.com> wrote:
>   
>> thanks Callum, you've been more useful than Google!
>>
>> i think i'd prefer to leave the master set on WP if nothing more than
>> because the UI to manage users is much better.
>>
>> i'm actually trying to tie in three different systems for a cancer
>> non-profit: WP, Mediawiki and Vanilla (forum software). i just assumed
>> nobody would have any Vanilla experience :)
>>
>>
>>
>>
>>     
>>> We're doing it the other way, creating the users in our own system (in
>>> this example MediaWiki) and then creating the WordPress cookies. I'm not
>>> sure how MediaWiki works, but with WordPress if you insert the rows into
>>> the user table and create the cookies, the user never has to log in.
>>> WordPress handles it all on the fly
>>>
>>> So if you can redirect all WordPress logins to MediaWiki logins, then
>>> you create the MediaWiki and WP cookies and redirect back, you're in
>>> business.
>>>
>>> Ok, I just checked with MediaWiki version 1.11.0 and it requires an auth
>>> token to be updated in the user table and set in the cookie. For that
>>> reason, I'd suggest using MediaWiki's login, copy the data to WordPress,
>>> and then set the WordPress cookies. WP will do the rest.
>>>
>>> I think MediaWiki's approach is intrinsically more secure than WP's, but
>>> that's a topic for another day / thread! :)
>>>
>>> Cheers - Callum.
>>>
>>> Sneaks wrote:
>>>       
>>>> thats an interesting idea. i suppose i could hook into the wp cookie
>>>> functions and set the mediawiki authentication cookies.
>>>>
>>>> last night i was playing around and set WP's cookie root to /, and was
>>>> using:
>>>>
>>>> include($_SERVER[DOCUMENT_ROOT]."/blog/wp-blog-header.php");
>>>> auth_redirect();
>>>> wp_get_current_user();
>>>>
>>>> in a mediawiki auth plugin. i think that direction would also work,
>>>> but i'm worried about the lack of user data in the mediawiki db.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Callum Macdonald lists.automattic.com-at-callum-macdonald.com
>>>> |wordpress| wrote:
>>>>         
>>>>> Logging a user into WP via the cookie is relatively simple. Check out
>>>>> pluggable.php for the wp_setcookie() function.
>>>>>
>>>>> Two cookies handle the login:
>>>>> wordpressuser_MD5OFSITEURL
>>>>> wordpresspass_MD5OFSITEURL
>>>>>
>>>>> The user cookie takes the username in plain text, the pass takes a
>>>>> double md5 of the password (just md5 what's in the user db).
>>>>>
>>>>> We're integrating WPMU login with another system, so we're writing
>>>>> our users to the wp user db then setting the cookies for WP. WP
>>>>> doesn't handle any login or logout functions.
>>>>>
>>>>> Cheers - Callum.
>>>>>
>>>>> [1]
>>>>> http://trac.wordpress.org/browser/trunk/wp-includes/pluggable.php?rev=6291#L458
>>>>>
>>>>>
>>>>> Bertrand wrote:
>>>>>           
>>>>>> Anyone have any idea how to share cookies from WP to Mediawiki? I
>>>>>> know there's lots of work out there to share db tables, but I don't
>>>>>> want users to have to sign in twice.
>>>>>>
>>>>>> The ideal would be that Mediawiki reads the cookies from WP, but I
>>>>>> don't know how many side effects this would have.
>>>>>>
>>>>>> B
>>>>>> _______________________________________________
>>>>>> wp-hackers mailing list
>>>>>> wp-hackers at lists.automattic.com
>>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>>
>>>>>>
>>>>>>             
>>>>> _______________________________________________
>>>>> wp-hackers mailing list
>>>>> wp-hackers at lists.automattic.com
>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>
>>>>>           
>>>> _______________________________________________
>>>> wp-hackers mailing list
>>>> wp-hackers at lists.automattic.com
>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>
>>>>
>>>>         
>>> _______________________________________________
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>
>>>       
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
>>     
>
>
>   



More information about the wp-hackers mailing list