Pat Patterson, from Sun Microsystems, has released a quick proof of concept of an OpenSSO authentication plugin for MediaWiki. This could be a really useful plugin for any organization that has decided to go the Web SSO route. If you aren’t familiar with OpenSSO, and you maintain a number of applications with some form of cookie trusted mess, or multiple logins, I highly recommend checking it out.

I was actually planning on writing this extension, and haven’t had time to get to it. I’ve asked Pat if I can test, clean up, and maintain his extension in Wikimedia’s SVN.

Share:

Recently, I deployed OpenSSO as a web single sign on service for a number of web servers, one of which was running MediaWiki. I haven’t yet written a SAML2 plugin for MediaWiki, so I am running an OpenSSO web agent for Apache, with the LDAP plugin doing auto-authentication.

After deploying the web agent, MediaWiki started parsing things incorrectly. Wiki-syntax like:

== Test ==
== Test2 ==
=== Test 3 ===

Was being corrupted, and turning into something like:

Share:

In part 1 of this series, I discussed basic password authentication for Active Directory (AD). In this article I will discuss enabling group restrictions and synchronization, and retrieving preferences for AD. I’ll first discuss group restrictions, then synchronization, then retrieving preferences.

Group restrictions and synchronization will require you to somewhat understand the LDAP structure that your AD environment is built upon. Don’t worry, this isn’t as scary as it sounds, and I’ll explain how to find all of the information you’ll require.

Share:

For some corporate wikis, it is beneficial to allow anonymous edits; however, anonymous edits in MediaWiki track IP addresses, and in most corporate environments, it is simple to identify a user simply by knowing what IP address they came from. Also, most corporate environments are opposed to allowing non-authenticated write-access to any resource (for good reason).

So, if you wanted to have a wiki, like a wiki for polls, that needed some form of anonymity for users to trust using it, using the LDAP Authentication extension in a clever way can allow you to do this.

Share:

In part 1 of this series, I discussed basic password authentication for Active Directory (AD). In this article, I will discuss basic password authentication for LDAP domains with the posix schema.

For basic password authentication against an LDAP domain with the posix schema, you need to configure three or four things:

1. Domain name
2. Server names
3. How to bind to the LDAP servers
4. The proxy user used to find your user accounts (optional depending on your environment)

Prerequisites

Please see and complete the “Create a local sysop”, and “Enabling the plugin” sections of part 1 before proceeding.

Share:

The Plotters extension for MediaWiki allows wiki editors to visualize data using scripts created by administrators. Scripts are added in a way similar to the Gadgets extension.

Three types of scripts are available: helpers, preprocessors. and plotters. The script types are loaded in that order so that helpers can be used in preprocessors and plotters, and so that data can be preprocesed before it is plotted.

Wiki editors can use these scripts by using the plot parser function, or tag:

{{#plot:
|renderer=plotkit
|name=<uniquename>
|width=300
|height=300
|script=<scriptname>
|scriptarguments=arg1,arg2,...
|preprocessors=<preprocessorname1>,<preprocessorname2>,...
|preprocessorarguments=<preprocessor1argument1>,<preprocessor1argument2>,...:preprocessor2argument1>,<preprocessor2argument2>,...:...,...
|labels=label1,label2
|datasep=,
|tableclass=wikitable
|data=1,2
2,4}}

or a simpler example:

Share:

Running a corporate wiki is much different than running a public wiki. People inside a corporate environment expect certain things that (most) public wikis simply don’t have to worry about. These things include single sign on/integrated authentication, WYSIWYG editing, search that finds more than just wiki pages, formalized input, document versioning (draft, stable, published, etc.), document importing, and document exporting.

Thankfully, there are a number of MediaWiki extensions that can provide these types of functionality.

Share:

The (terrible) doc/ppt/xls Microsoft Office document formats all have the same MIME type. This causes a lot of grief when using MediaWiki, as MediaWiki checks MIME types against file extensions for security purposes. In this article I’ll describe how to allow uploading for these file types, and how to get around the “The file is corrupt or has an incorrect extension” problem.

Allow doc/ppt/xls to be uploaded

Add the following lines to your LocalSettings.php to allow these formats:

Share:

Configuring the LDAP Authentication plugin for MediaWiki can be a daunting task. In this series of posts, I’ll go over the basics of configuring the plugin for common environments. In a later series of posts, I’ll go into each environment in detail.

Part 1 will discuss basic password authentication for Active Directory (AD). Part 2 will discuss basic password authentication for LDAP domains with the posix schema. Part 3 will discuss enabling group restrictions and synchronization, and retrieving preferences for AD. Part 4 will discuss group restrictions and synchronization, and retrieving preferences for LDAP domains with the posix schema.

Share:

So, I finally broke down and made a Blog. I’m not a terribly big fan of blogging; however, I needed a place to post some information about my MediaWiki plugins that shouldn’t normally be posted at mediawiki.org.

I was considering using my MediaWiki site for the blog, but since I’m lazy, and wordpress is easy, I decided to go that route.

I’ll be posting mostly technology related info here; specifically, I’ll probably post a lot about MediaWiki and LDAP.

Share: