This diff will modify the login process of MediaWiki 1.5.7 to ignore its own passwords, and instead use the REMOTE_USER variable, as set by an external authentication module, for example, CoSign/UniSign or mod_authz_ldap. Note there are specific customisations that refer to University of Auckland specific features, for example the UniSign logout pages, and the NetAccount system. Stephen Cope Department of Statistics, The University of Auckland 2006-03-21/2006-03-22 --- includes/SpecialUserlogin.php.orig 2006-02-11 20:26:47.000000000 +1300 +++ includes/SpecialUserlogin.php 2006-03-21 16:15:58.000000000 +1200 @@ -37,9 +37,8 @@ global $wgLang, $wgAllowRealName, $wgEnableEmail; global $wgAuth; - $this->mName = $request->getText( 'wpName' ); - $this->mPassword = $request->getText( 'wpPassword' ); - $this->mRetype = $request->getText( 'wpRetype' ); + $this->mName = $_SERVER['REMOTE_USER']; + $this->mPassword = $this->mRetype = 'External'; $this->mDomain = $request->getText( 'wpDomain' ); $this->mReturnto = $request->getVal( 'returnto' ); $this->mCookieCheck = $request->getVal( 'wpCookieCheck' ); @@ -52,6 +51,9 @@ $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' ); $this->mAction = $request->getVal( 'action' ); $this->mRemember = $request->getCheck( 'wpRemember' ); + + if ( $this->mCreateaccount || $this->mCreateaccountMail ) + $this->mName = $request->getText( 'wpName' ); if( $wgEnableEmail ) { $this->mEmail = $request->getText( 'wpEmail' ); @@ -84,8 +86,6 @@ return $this->addNewAccount(); } else if ( $this->mCreateaccountMail ) { return $this->addNewAccountMailPassword(); - } else if ( $this->mMailmypassword ) { - return $this->mailPassword(); } else if ( ( 'submitlogin' == $this->mAction ) || $this->mLoginattempt ) { return $this->processLogin(); } @@ -139,18 +139,18 @@ return; } - $wgUser = $u; - $wgUser->setCookies(); + #$wgUser = $u; + #$wgUser->setCookies(); - $wgUser->saveSettings(); - if( $wgEmailAuthentication && $wgUser->isValidEmailAddr( $wgUser->getEmail() ) ) { - $wgUser->sendConfirmationMail(); + $u->saveSettings(); + if( $wgEmailAuthentication && $u->isValidEmailAddr( $u->getEmail() ) ) { + $u->sendConfirmationMail(); } wfRunHooks( 'AddNewAccount' ); if( $this->hasSessionCookie() ) { - return $this->successfulLogin( wfMsg( 'welcomecreation', $wgUser->getName() ) ); + return $this->successfulLogin( wfMsg( 'welcomecreation', $u->getName() ) ); } else { return $this->cookieRedirectCheck( 'new' ); } @@ -197,11 +197,6 @@ } - if ( 0 != strcmp( $this->mPassword, $this->mRetype ) ) { - $this->mainLoginForm( wfMsg( 'badretype' ) ); - return false; - } - $name = trim( $this->mName ); $u = User::newFromName( $name ); if ( is_null( $u ) ) { @@ -219,11 +214,7 @@ return false; } - if ( !$wgUser->isValidPassword( $this->mPassword ) ) { - $this->mainLoginForm( wfMsg( 'passwordtooshort', $wgMinimalPasswordLength ) ); - return false; - } - + /* if ( $wgAccountCreationThrottle ) { $key = $wgDBname.':acctcreate:ip:'.$wgIP; $value = $wgMemc->incr( $key ); @@ -235,6 +226,7 @@ return false; } } + */ if( !$wgAuth->addUser( $u, $this->mPassword ) ) { $this->mainLoginForm( wfMsg( 'externaldberror' ) ); @@ -311,10 +303,12 @@ $u->loadFromDatabase(); } + /* if (!$u->checkPassword( $this->mPassword )) { $this->mainLoginForm( wfMsg( 'wrongpassword' ) ); return; } + */ # We've verified now, update the real record # @@ -383,8 +377,7 @@ return wfMsg( 'noemail', $u->getName() ); } - $np = $u->randomPassword(); - $u->setNewpassword( $np ); + $np = "Your NetAccount Password"; setcookie( "{$wgCookiePrefix}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain ); --- includes/SpecialUserlogout.php.orig 2005-03-14 04:29:43.000000000 +1300 +++ includes/SpecialUserlogout.php 2006-03-22 16:18:03.000000000 +1200 @@ -18,10 +18,7 @@ wfRunHooks('UserLogoutComplete', array(&$wgUser)); $wgOut->mCookies = array(); - $wgOut->setRobotpolicy( 'noindex,nofollow' ); - $wgOut->addHTML( wfMsg( 'logouttext' ) ); - $wgOut->returnToMain(); - + $wgOut->redirect( 'https://unisign.auckland.ac.nz/logout/' ); } } --- includes/templates/Userlogin.php.orig 2005-06-03 23:56:01.000000000 +1200 +++ includes/templates/Userlogin.php 2006-03-22 16:06:00.000000000 +1200 @@ -41,8 +41,7 @@
- msgHtml( 'emailforlost' ) ?>
-
-