[wp-hackers] Single sign-on with Wordpress & Mediawiki

Jan Bucher janbucher at gmail.com
Sat Oct 27 10:47:27 GMT 2007


I am working on exactly the same Setup (Vanilla, MW, WP). Until now i
did not care about cookies, so no help there. But a good thought:

Vanilla has the most extensive User-System, because of the
Group-System (you can actually create your own roles/groups). I needed
that, so my starting point had to be vanilla ..

You can now very easily hook the vanilla authentication into MW, using
the following 'plugin' (which by the way is not really a plugin, just
a howto sold as plugin):
http://lussumo.com/addons/index.php?PostBackAction=AddOn&AddOnID=130

If you don't plan to use the extra-features, try bbpress. Seems to be
more reliable and the installation process is a lot easier than
vanilla.

And if you find a good soluton ... let us know .. ;)

Jan

On 10/27/07, Sneaks <0vcqn5q02 at sneakemail.com> wrote:
> thanks Callum, you've been more useful than Google!
>
> i think i'd prefer to leave the master set on WP if nothing more than
> because the UI to manage users is much better.
>
> i'm actually trying to tie in three different systems for a cancer
> non-profit: WP, Mediawiki and Vanilla (forum software). i just assumed
> nobody would have any Vanilla experience :)
>
>
>
>
> > We're doing it the other way, creating the users in our own system (in
> > this example MediaWiki) and then creating the WordPress cookies. I'm not
> > sure how MediaWiki works, but with WordPress if you insert the rows into
> > the user table and create the cookies, the user never has to log in.
> > WordPress handles it all on the fly
> >
> > So if you can redirect all WordPress logins to MediaWiki logins, then
> > you create the MediaWiki and WP cookies and redirect back, you're in
> > business.
> >
> > Ok, I just checked with MediaWiki version 1.11.0 and it requires an auth
> > token to be updated in the user table and set in the cookie. For that
> > reason, I'd suggest using MediaWiki's login, copy the data to WordPress,
> > and then set the WordPress cookies. WP will do the rest.
> >
> > I think MediaWiki's approach is intrinsically more secure than WP's, but
> > that's a topic for another day / thread! :)
> >
> > Cheers - Callum.
> >
> > Sneaks wrote:
> >> thats an interesting idea. i suppose i could hook into the wp cookie
> >> functions and set the mediawiki authentication cookies.
> >>
> >> last night i was playing around and set WP's cookie root to /, and was
> >> using:
> >>
> >> include($_SERVER[DOCUMENT_ROOT]."/blog/wp-blog-header.php");
> >> auth_redirect();
> >> wp_get_current_user();
> >>
> >> in a mediawiki auth plugin. i think that direction would also work,
> >> but i'm worried about the lack of user data in the mediawiki db.
> >>
> >>
> >>
> >>
> >>
> >> Callum Macdonald lists.automattic.com-at-callum-macdonald.com
> >> |wordpress| wrote:
> >>> Logging a user into WP via the cookie is relatively simple. Check out
> >>> pluggable.php for the wp_setcookie() function.
> >>>
> >>> Two cookies handle the login:
> >>> wordpressuser_MD5OFSITEURL
> >>> wordpresspass_MD5OFSITEURL
> >>>
> >>> The user cookie takes the username in plain text, the pass takes a
> >>> double md5 of the password (just md5 what's in the user db).
> >>>
> >>> We're integrating WPMU login with another system, so we're writing
> >>> our users to the wp user db then setting the cookies for WP. WP
> >>> doesn't handle any login or logout functions.
> >>>
> >>> Cheers - Callum.
> >>>
> >>> [1]
> >>> http://trac.wordpress.org/browser/trunk/wp-includes/pluggable.php?rev=6291#L458
> >>>
> >>>
> >>> Bertrand wrote:
> >>>> Anyone have any idea how to share cookies from WP to Mediawiki? I
> >>>> know there's lots of work out there to share db tables, but I don't
> >>>> want users to have to sign in twice.
> >>>>
> >>>> The ideal would be that Mediawiki reads the cookies from WP, but I
> >>>> don't know how many side effects this would have.
> >>>>
> >>>> B
> >>>> _______________________________________________
> >>>> wp-hackers mailing list
> >>>> wp-hackers at lists.automattic.com
> >>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
> >>>>
> >>>>
> >>>
> >>> _______________________________________________
> >>> wp-hackers mailing list
> >>> wp-hackers at lists.automattic.com
> >>> http://lists.automattic.com/mailman/listinfo/wp-hackers
> >>>
> >>
> >> _______________________________________________
> >> wp-hackers mailing list
> >> wp-hackers at lists.automattic.com
> >> http://lists.automattic.com/mailman/listinfo/wp-hackers
> >>
> >>
> >
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
> >
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


-- 
Jan Bucher
e: janbucher at web.de
m: 0176 / 2444 7149
w: www.radioaktiv.org


More information about the wp-hackers mailing list