[wp-hackers] Single sign-on with Wordpress & Mediawiki
Sneaks
0vcqn5q02 at sneakemail.com
Fri Oct 26 22:26:24 GMT 2007
thanks Callum, you've been more useful than Google!
i think i'd prefer to leave the master set on WP if nothing more than
because the UI to manage users is much better.
i'm actually trying to tie in three different systems for a cancer
non-profit: WP, Mediawiki and Vanilla (forum software). i just assumed
nobody would have any Vanilla experience :)
> We're doing it the other way, creating the users in our own system (in
> this example MediaWiki) and then creating the WordPress cookies. I'm not
> sure how MediaWiki works, but with WordPress if you insert the rows into
> the user table and create the cookies, the user never has to log in.
> WordPress handles it all on the fly
>
> So if you can redirect all WordPress logins to MediaWiki logins, then
> you create the MediaWiki and WP cookies and redirect back, you're in
> business.
>
> Ok, I just checked with MediaWiki version 1.11.0 and it requires an auth
> token to be updated in the user table and set in the cookie. For that
> reason, I'd suggest using MediaWiki's login, copy the data to WordPress,
> and then set the WordPress cookies. WP will do the rest.
>
> I think MediaWiki's approach is intrinsically more secure than WP's, but
> that's a topic for another day / thread! :)
>
> Cheers - Callum.
>
> Sneaks wrote:
>> thats an interesting idea. i suppose i could hook into the wp cookie
>> functions and set the mediawiki authentication cookies.
>>
>> last night i was playing around and set WP's cookie root to /, and was
>> using:
>>
>> include($_SERVER[DOCUMENT_ROOT]."/blog/wp-blog-header.php");
>> auth_redirect();
>> wp_get_current_user();
>>
>> in a mediawiki auth plugin. i think that direction would also work,
>> but i'm worried about the lack of user data in the mediawiki db.
>>
>>
>>
>>
>>
>> Callum Macdonald lists.automattic.com-at-callum-macdonald.com
>> |wordpress| wrote:
>>> Logging a user into WP via the cookie is relatively simple. Check out
>>> pluggable.php for the wp_setcookie() function.
>>>
>>> Two cookies handle the login:
>>> wordpressuser_MD5OFSITEURL
>>> wordpresspass_MD5OFSITEURL
>>>
>>> The user cookie takes the username in plain text, the pass takes a
>>> double md5 of the password (just md5 what's in the user db).
>>>
>>> We're integrating WPMU login with another system, so we're writing
>>> our users to the wp user db then setting the cookies for WP. WP
>>> doesn't handle any login or logout functions.
>>>
>>> Cheers - Callum.
>>>
>>> [1]
>>> http://trac.wordpress.org/browser/trunk/wp-includes/pluggable.php?rev=6291#L458
>>>
>>>
>>> Bertrand wrote:
>>>> Anyone have any idea how to share cookies from WP to Mediawiki? I
>>>> know there's lots of work out there to share db tables, but I don't
>>>> want users to have to sign in twice.
>>>>
>>>> The ideal would be that Mediawiki reads the cookies from WP, but I
>>>> don't know how many side effects this would have.
>>>>
>>>> B
>>>> _______________________________________________
>>>> wp-hackers mailing list
>>>> wp-hackers at lists.automattic.com
>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>
>>>>
>>>
>>> _______________________________________________
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>
>>
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
>>
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list