See parent task and T110414#1578206.
Description
Details
Event Timeline
Change 286705 had a related patch set uploaded (by Anomie):
Update for AuthManager, somewhat
Change 296559 had a related patch set uploaded (by Gergő Tisza):
Update for AuthManager, somewhat
Is there any documentation on when and how to use "LdapPrimaryAuthenticationProvider"? On the official extension page I did not find any information about it.
There probably isn't, feel free to update the on-wiki documentation.
The basic answer is that instead of doing
$wgAuth = new LdapAuthenticationPlugin();
you instead configure AuthManager to use LdapPrimaryAuthenticationProvider with something like this
$wgAuthManagerAutoConfig['primaryauth'] += [ LdapPrimaryAuthenticationProvider::class => [ 'class' => LdapPrimaryAuthenticationProvider::class, 'args' => [ [ 'authoritative' => true, // don't allow local non-LDAP accounts ] ], 'sort' => 50, // must be smaller than local pw provider ], ];
Or, if you're already setting $wgAuthManagerConfig in your configuration, include that bit in the appropriate place there.
Beyond that I can't really help you, the LdapAuthentication extension is badly in need of a redesign and rewrite from someone who understands the stuff it's currently trying to do.
@Anomie Thanks for your quick reply! The MediaWiki Stakeholder group is actually working on an appropriate replacement for Extension:LdapAuthentication. It's likely to be a combination of Extension:PluggableAuth and Extension:PuggableSSO (plus some other extensions :) )