Extension:CentralAuth
From Biowikifarm Metawiki
Revision as of 21:25, 13 November 2017 by Andreas Plank (Talk | contribs) (Extensions -> MediaWiki Extensions)
This extension runs on a separate database (default centralauth
) and can also be safely deactivated. Read also documentations:
- https://www.mediawiki.org/wiki/Extension:CentralAuth
- https://www.mediawiki.org/wiki/Extension:CentralAuth/Walkthrough
General steps to install:
- Have the appropriate extension version of CentralAuth ready in your extensions directory.
- Pick a database and create the CentralAuth database tables. You can use an existing database or create a new one; the extension by default uses a database named
centralauth
(see $wgCentralAuthDatabase below). use this database then run central-auth.sql. - prepare the configuration (see below configuration section)
- set up configurations (global
$wgConf
) - set up CentralAuth configuration variables
- set up configurations (global
- Add
require_once "$IP/extensions/CentralAuth/CentralAuth.php";
to/var/www/MediaWikiCommonSettings_REL1_26.php
that is included in LocalSettings.php on each of your wikis.- run CentralAuth’ maintenance scripts to gather user data into
centralauth
database
- run CentralAuth’ maintenance scripts to gather user data into
- The extension should be now active.
Create and Modify Database centralauth
cd /var/www/metawiki/extensions/CentralAuth/
mysql -u wikiadmin -p
# (enter password for wikiadmin SQL user)
In mysql terminal:
CREATE DATABASE centralauth;
USE centralauth;
SOURCE central-auth.sql
GRANT all on centralauth.* to 'wikiuser'@'localhost';
quit
Add global group permission for steward
:
INSERT INTO global_group_permissions (ggp_group,ggp_permission) VALUES ('steward','globalgrouppermissions'), ('steward','globalgroupmembership');
If $wgMainCacheType = CACHE_DB;
is used create table objectcache
:
CREATE TABLE centralauth.objectcache LIKE metawiki.objectcache;
If extension:AntiSpoof is used:
$ mysqldump -u $wgDBuser -p $wgDbName spoofuser > /tmp/spoofuser.temp
$ mysql -u $wgDBuser -p centralauth < /tmp/spoofuser.temp
Configuration of CentralAuth
Familiarize yourself with the following (code) documentations:
-
extension/CentralAuth.php
(global, default settings) - https://www.mediawiki.org/wiki/Extension:CentralAuth/Walkthrough
In Common settings:
require_once "$IP/extensions/CentralAuth/CentralAuth.php";
# General CentralAuth configuration
$wgCentralAuthAutoNew = true; // Parameter deleted from MediaWiki 1.27
# $wgCentralAuthDatabase = 'centralauth'; // use default: 'centralauth'
$wgCentralAuthAutoMigrate = true; // If true, existing unattached accounts will be automatically migrated if possible at first login.
# $wgCentralAuthCookieDomain = '.example.org'; // Domain to set global cookies for
/**
* List of wiki IDs which should be called on login to try to set third-party
* cookies for the global session state.
* Mapping from domain name to wiki id for other wikis to automatically login into.
* The wiki ID is typically the database name
* The key should be set to the cookie domain name.
*/
switch ($wgDBname) {
default:
$wgCentralAuthAutoLoginWikis = array(
"openmedia",
"specialmedia",
"onwiki",
);
}// $wgCentralAuthAutoLoginWikis
# Create the local account on pageview, set false to require a local login to create it.
$wgCentralAuthCreateOnView = true;
# Activates the redirect to the "central login wiki"
$wgCentralAuthLoginWiki = 'metawiki'; // This requires $wgCentralAuthCookies.
$wgCentralAuthLoginIcon = "/var/www/metawiki/media/logo/favicon32.png";// in MW 1.26.2 code allows you only to have a single string
$wgCentralAuthCookies = true;// $wgCentralAuthLoginWiki requires this
# Skips the "login success" page
$wgCentralAuthSilentLogin = true;// not available yet in MW 1.26
# Deprecated, will be removed soon.
$wgCentralAuthUseOldAutoLogin = false;// not available yet in MW 1.26
Let the maintenance scripts of CentralAuth read in login and configuration data after set up, do this one time:
cd /var/www/metawiki/extensions/CentralAuth/
php maintenance/migratePass0.php
php maintenance/migratePass1.php
Open Issues
The extension is still not working (20171103) and has open issues to be resolved:
- it does not log in to Wikis declared in
$wgCentralAuthAutoLoginWikis
- solution approach: cookie issue?
- solution approach: branch REL1_26 goes until Oct 28 2016 (https://phabricator.wikimedia.org/diffusion/ECAU/history/REL1_26/); update biowikifarm git of extension:CentralAuth and try again
- update done, but no effect to $wgCentralAuthAutoLoginWikis, no single log-in
- log in problems and has to be tested still by others if working or not; for me, AP, it worked (no exception):
- http://diversityworkbench.net/w/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=DiversityCollection causes (by Markus Weiss SNSB IT)
Exception encountered, of type "Exception" - guessing the cause (AP): I did run php maintenance/migratePass….php multiple times while changing CentralAuth settings and maintenance/migratePass1.php ended up by reporting an exception, this may be the cause of the above exception. After emptying centralauth database and re-ran migratePass0.php and migratePass1.php it ran through smoothly.
- http://diversityworkbench.net/w/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=DiversityCollection causes (by Markus Weiss SNSB IT)
- I (AP) tested Cache issues (https://www.mediawiki.org/w/index.php?title=Extension:CentralAuth&oldid=2545898#Cache_issues)
-
$wgMainCacheType = CACHE_DB;
no effect to $wgCentralAuthAutoLoginWikis -
$wgSharedTables = array( …, 'objectcache' );
no effect to $wgCentralAuthAutoLoginWikis -
$wgSharedDB = 'centralauth';
not tested but$wgSharedDB = 'metawiki';
had no effect to $wgCentralAuthAutoLoginWikis - see also the talk on https://www.mediawiki.org/wiki/Extension_talk:CentralAuth#Cache_Issues,_SUL,_$wgCentralAuthAutoLoginWikis
-
Possible solutions
- server settings (https://www.mediawiki.org/wiki/Manual:CORS)
- cache issues ($wgMainCacheType = CACHE_DB ?)
- …