Nina.McHale at ucdenver
May 20, 2009, 10:53 AM
Post #1 of 2
(640 views)
Permalink
|
Hi, all!
Back with an authentication question. I set up Tom Mollerus' single sign on method yesterday:
http://www.mollerus.net/tom/blog/2008/09/single_signon_to_mediawiki_113_using_active_direct.html
...and before that I'd set the following in the LocalSettings.php settings file:
$wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['read'] = false;
Per staff request, we also have an .htaccess file that restricts access to campus IPs (apparently, we're the freaking CIA). I know some of this may be redundant now, but I'm still trying to sort out the best way to set up authentication.
However, the single sign on seems to have negated those $wgGroupPermissions settings in LocalSettings.php. As in, I can log in with my network password, then log out, but still see and edit pages. Any ideas?
So basically, I'm looking for the best method to provide single sign on that requires network password to view and edit. (I think I can lose the IP settings in the .htaccess file now that we're hooked in to LDAP, as long as I don't let anyone create new accounts.)
Yours in authentication ineptitude, :)
Nina
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
|
