Document current MediaWiki PHP authn stack
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	bd808
	Jan 31 2015, 1:24 AM

Description

Create a wiki page documenting the data flow and code components touched by authenticating to MediaWiki starting from the username/password entry and following through to a valid session. The documentation should include analysis of:

core MediaWiki AuthPlugin
Central Auth
LDAP Auth
OATH Auth (2-factor)
OAuth
OAuth Authentication, OpenID and/or Google Login

Key points to capture:

Hooks used
High level summary of activity performed by hooks
"Tricks" used to work around poorly exposed or unexposed features in the core stack

Related Objects
Search...

Status	Subtype	Assigned	Task
Resolved		• Deskana	T75616 Tracking: API/backend issues blocking Wikipedia app development
Resolved		Anomie	T32788 Allow triggering of user password reset email via the API
Open		None	T90925 General authentication improvements for MediaWiki
Resolved		Anomie	T48179 Allow a challenge stage during authentication
Open		None	T5709 Refactoring to make external authentication and identity systems easier
Resolved		Tgr	T43201 UserLoadFromSession considered evil
Resolved		Anomie	T67493 Session is started by EditAction (problem for extensions using UserLoadFromSession hook)
Open	Feature	None	T55156 Provide option to force a login session to end within a certain time
Open		None	T89459 Modernize MediaWiki authentication system (AuthManager)
Resolved		Legoktm	T88195 Document current MediaWiki PHP authn stack

Event Timeline

bd808 created this task.Jan 31 2015, 1:24 AM

bd808 assigned this task to Legoktm.

bd808 raised the priority of this task from to High.

bd808 updated the task description. (Show Details)

bd808 added a project: MediaWiki-Core-Team.

bd808 subscribed.

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 31 2015, 1:24 AM

Legoktm moved this task from Backlog to In Dev/Progress on the MediaWiki-Core-Team board.Feb 2 2015, 6:27 PM

Aklapper added a project: Documentation.Feb 2 2015, 6:29 PM

My initial and completely un-organized notes are at https://www.mediawiki.org/wiki/User:Legoktm/authn. It only covers the GUI login process (haven't gotten to API), and only covers extensions that directly hook into the login process.

Legoktm added a project: MediaWiki-Core-AuthManager.Feb 5 2015, 12:17 AM

bd808 added a parent task: T89459: Modernize MediaWiki authentication system (AuthManager).Feb 13 2015, 4:05 PM

I think this is done at this point?

bd808 moved this task from In Dev/Progress to Done on the MediaWiki-Core-Team board.Mar 9 2015, 8:46 PM

bd808 moved this task from Done to Archive on the MediaWiki-Core-Team board.Mar 9 2015, 9:14 PM

Document current MediaWiki PHP authn stackClosed, ResolvedPublicActions

Description

Related ObjectsSearch...

Event Timeline

Document current MediaWiki PHP authn stack
Closed, ResolvedPublic
Actions

Related Objects
Search...