Change Details

I'm not sure if this is a bug or simply lack of understanding of how this extension works on my parts. I am trying to upgrade from an older generation of this extension and mediawiki (pre-1.27) that worked well with the REMOTE_USER/REMOTE_USER_DATA variables set by single-signon. However, I am having a hard time getting the current version of Auth_remoteuser working with mediawiki-1.31.0 to enable public wikis that require logins only for editing and admin functions. The setup I have consists of the same Special:UserLogin redirect to a SSO-protected Authentication page that seems to work fine as I see my user logged in on that particular page when I use a closure recommended by the Auth_remoteuser documentation shown below. However, the moment I navigate away from a SSO-protected page I see 'Log In' navigational link and cannot edit pages or perform any logged-in functions even though a review of cookies shows that there is a valid session and the correct username is stored in other relevant cookies. Here's my LocalSettings.php configuration pertitent to Auth_remoteuser: wfLoadExtension( 'Auth_remoteuser' ); $wgSessionName = 'wikidb_main_session'; $wgAuthRemoteuserRemoveAuthPagesAndLinks = true; $wgSessionsInObjectCache = true; $wgAuthRemoteuserUserName = function() { if ( isset ($_SERVER['REMOTE_USER_DATA']) ){ $credentials = explode( ':',$_SERVER['REMOTE_USER_DATA']); $username = ucfirst($credentials[0]); return $username ? $username : null; } }; Of course, on all non-protected pages the $_SERVER['REMOTE_USER_DATA'] is not set, so the user is considered logged-out, which is not the behavior I would expect from Auth_remoteuser. Fully private wikis work well with Auth_remoteuser as REMOTE_USER and REMOTE_USER_DATA are set by the webserver for every URI. Thank you, Alex

I'm not sure if this is a bug or simply lack of understanding of how this extension works on my parts. I am trying to upgrade from an older generation of this extension and mediawiki (pre-1.27) that worked well with the REMOTE_USER/REMOTE_USER_DATA variables set by single-signon. However, I am having a hard time getting the current version of Auth_remoteuser working with mediawiki-1.31.0 to enable public wikis that require logins only for editing and admin functions. The setup I have consists of the same Special:UserLogin redirect to a SSO-protected Authentication page that seems to work fine as I see my user logged in on that particular page when I use a closure recommended by the Auth_remoteuser documentation shown below. However, the moment I navigate away from a SSO-protected page I see 'Log In' navigational link and cannot edit pages or perform any logged-in functions even though a review of cookies shows that there is a valid session and the correct username is stored in other relevant cookies. Here's my LocalSettings.php configuration pertitent to Auth_remoteuser: ``` wfLoadExtension( 'Auth_remoteuser' ); $wgSessionName = 'wikidb_main_session'; $wgAuthRemoteuserRemoveAuthPagesAndLinks = true; $wgSessionsInObjectCache = true; $wgAuthRemoteuserUserName = function() { if ( isset ($_SERVER['REMOTE_USER_DATA']) ){ $credentials = explode( ':',$_SERVER['REMOTE_USER_DATA']); $username = ucfirst($credentials[0]); return $username ? $username : null; } }; ``` Of course, on all non-protected pages the $_SERVER['REMOTE_USER_DATA'] is not set, so the user is considered logged-out, which is not the behavior I would expect from Auth_remoteuser. Fully private wikis work well with Auth_remoteuser as REMOTE_USER and REMOTE_USER_DATA are set by the webserver for every URI. Thank you, Alex

I'm not sure if this is a bug or simply lack of understanding of how this extension works on my parts. I am trying to upgrade from an older generation of this extension and mediawiki (pre-1.27) that worked well with the REMOTE_USER/REMOTE_USER_DATA variables set by single-signon. However, I am having a hard time getting the current version of Auth_remoteuser working with mediawiki-1.31.0 to enable public wikis that require logins only for editing and admin functions. The setup I have consists of the same Special:UserLogin redirect to a SSO-protected Authentication page that seems to work fine as I see my user logged in on that particular page when I use a closure recommended by the Auth_remoteuser documentation shown below. However, the moment I navigate away from a SSO-protected page I see 'Log In' navigational link and cannot edit pages or perform any logged-in functions even though a review of cookies shows that there is a valid session and the correct username is stored in other relevant cookies. Here's my LocalSettings.php configuration pertitent to Auth_remoteuser: ``` wfLoadExtension( 'Auth_remoteuser' ); $wgSessionName = 'wikidb_main_session'; $wgAuthRemoteuserRemoveAuthPagesAndLinks = true; $wgSessionsInObjectCache = true; $wgAuthRemoteuserUserName = function() { if ( isset ($_SERVER['REMOTE_USER_DATA']) ){ $credentials = explode( ':',$_SERVER['REMOTE_USER_DATA']); $username = ucfirst($credentials[0]); return $username ? $username : null; } }; ``` Of course, on all non-protected pages the $_SERVER['REMOTE_USER_DATA'] is not set, so the user is considered logged-out, which is not the behavior I would expect from Auth_remoteuser. Fully private wikis work well with Auth_remoteuser as REMOTE_USER and REMOTE_USER_DATA are set by the webserver for every URI. Thank you, Alex