Difference between revisions of "Extension:CentralAuth"

From Biowikifarm Metawiki
Jump to: navigation, search
m (added Category:Extensions using HotCat)
m (Open Issues: update branch REL1_26 done)
Line 108: Line 108:
 
** solution approach: cookie issue?
 
** solution approach: cookie issue?
 
** solution approach: branch REL1_26 goes until Oct 28 2016 (https://phabricator.wikimedia.org/diffusion/ECAU/history/REL1_26/); update biowikifarm git of extension:CentralAuth and try again
 
** solution approach: branch REL1_26 goes until Oct 28 2016 (https://phabricator.wikimedia.org/diffusion/ECAU/history/REL1_26/); update biowikifarm git of extension:CentralAuth and try again
 +
**: update done, but no effect to $wgCentralAuthAutoLoginWikis, no single log-in
 
* log in problems and has to be tested still by others if working or not; for me, AP, it worked (no exception):
 
* log in problems and has to be tested still by others if working or not; for me, AP, it worked (no exception):
 
** http://diversityworkbench.net/w/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=DiversityCollection causes (by Markus Weiss SNSB IT)<br/>Exception encountered, of type "Exception"
 
** http://diversityworkbench.net/w/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=DiversityCollection causes (by Markus Weiss SNSB IT)<br/>Exception encountered, of type "Exception"

Revision as of 11:10, 8 November 2017

This extension runs on a separate database (default centralauth) and can also be safely deactivated. Read also documentations:

General steps to install:

  1. Have the appropriate extension version of CentralAuth ready in your extensions directory.
  2. Pick a database and create the CentralAuth database tables. You can use an existing database or create a new one; the extension by default uses a database named centralauth (see $wgCentralAuthDatabase below). use this database then run central-auth.sql.
  3. prepare the configuration (see below configuration section)
    1. set up configurations (global $wgConf)
    2. set up CentralAuth configuration variables
  4. Add require_once "$IP/extensions/CentralAuth/CentralAuth.php"; to /var/www/MediaWikiCommonSettings_REL1_26.php that is included in LocalSettings.php on each of your wikis.
    1. run CentralAuth’ maintenance scripts to gather user data into centralauth database
  5. The extension should be now active.

Create and Modify Database centralauth

cd /var/www/metawiki/extensions/CentralAuth/
mysql -u wikiadmin -p
# (enter password for wikiadmin SQL user)

In mysql terminal:

CREATE DATABASE centralauth;
USE centralauth;
SOURCE central-auth.sql
GRANT all on centralauth.* to 'wikiuser'@'localhost';
quit

Add global group permission for steward:

INSERT INTO global_group_permissions (ggp_group,ggp_permission) VALUES ('steward','globalgrouppermissions'), ('steward','globalgroupmembership');

If $wgMainCacheType = CACHE_DB; is used create table objectcache:

CREATE TABLE centralauth.objectcache LIKE metawiki.objectcache;

If extension:AntiSpoof is used:

$ mysqldump -u $wgDBuser -p $wgDbName spoofuser > /tmp/spoofuser.temp
$ mysql -u $wgDBuser -p centralauth < /tmp/spoofuser.temp

Configuration of CentralAuth

Familiarize yourself with the following (code) documentations:

In Common settings:

require_once "$IP/extensions/CentralAuth/CentralAuth.php";
# General CentralAuth configuration
$wgCentralAuthAutoNew = true; // Parameter deleted from MediaWiki 1.27
# $wgCentralAuthDatabase = 'centralauth'; // use default: 'centralauth'
$wgCentralAuthAutoMigrate = true; // If true, existing unattached accounts will be automatically migrated if possible at first login.
# $wgCentralAuthCookieDomain = '.example.org'; // Domain to set global cookies for

/**
 * List of wiki IDs which should be called on login to try to set third-party
 * cookies for the global session state.
 * Mapping from domain name to wiki id for other wikis to automatically login into.
 * The wiki ID is typically the database name
 * The key should be set to the cookie domain name.
 */
switch ($wgDBname) {
  default:
    $wgCentralAuthAutoLoginWikis = array(
      "openmedia",
      "specialmedia",
      "onwiki",
    );
}// $wgCentralAuthAutoLoginWikis

# Create the local account on pageview, set false to require a local login to create it.
$wgCentralAuthCreateOnView = true;

# Activates the redirect to the "central login wiki"
$wgCentralAuthLoginWiki = 'metawiki'; // This requires $wgCentralAuthCookies.
$wgCentralAuthLoginIcon = "/var/www/metawiki/media/logo/favicon32.png";// in MW 1.26.2 code allows you only to have a single string
$wgCentralAuthCookies = true;// $wgCentralAuthLoginWiki requires this

# Skips the "login success" page
$wgCentralAuthSilentLogin = true;// not available yet in MW 1.26

# Deprecated, will be removed soon.
$wgCentralAuthUseOldAutoLogin = false;// not available yet in MW 1.26


Let the maintenance scripts of CentralAuth read in login and configuration data after set up, do this one time:

cd /var/www/metawiki/extensions/CentralAuth/
php maintenance/migratePass0.php
php maintenance/migratePass1.php

Open Issues

The extension is still not working (20171103) and has open issues to be resolved:

  • it does not log in to Wikis declared in $wgCentralAuthAutoLoginWikis
  • log in problems and has to be tested still by others if working or not; for me, AP, it worked (no exception):
  • I (AP) tested Cache issues (https://www.mediawiki.org/w/index.php?title=Extension:CentralAuth&oldid=2545898#Cache_issues)
    • $wgMainCacheType = CACHE_DB; no effect to $wgCentralAuthAutoLoginWikis
    • $wgSharedTables = array( …, 'objectcache' ); no effect to $wgCentralAuthAutoLoginWikis
    • not tested to switch to: $wgSharedDB = 'centralauth'; but $wgSharedDB = 'metawiki'; had no effect to $wgCentralAuthAutoLoginWikis