[Systems] LDAP authentication in the wiki

[Aleksey Lim]

On Sun, Nov 06, 2011 at 01:16:53AM -0400, Bernie Innocenti wrote:
> Hello,
> 
> I've enabled LDAP authentication on wiki-devel.sugarlabs.org using this
> MediaWiki extension:
> 
>   http://www.mediawiki.org/wiki/Extension:LDAP_Authentication
> 
> Notes:
> 
>  * You should be able to login using your LDAP username and password.
> 
>  * LDAP users that do not exist in the Mediawiki database are
>    automatically created.
> 
>  * If there's no corresponding LDAP user, any pre-existing user
>    entry in the Mediawiki database is used. This provides a smooth
>    transition path.
> 
>  * It's also possible to autocreate users in ldap, but I haven't
>    experimented with this yet.
> 
> The last point may be important: if it works well, we could tell users
> to register in Mediawiki instead of creating a custom registration form.
> Aleksey, what do you think?

In fact, that was my initial idea. But if I got Fred right, there is an
issue w/ easy cracking media wiki auth system to create users to spam.

btw, if wikipedia still uses its own auth system, why not doing the same
for SL's wiki? (but create account page on wikipedia contain things like
graphical captcha).

> Please test and report anything odd.

it works for my "alsroot" ldap account but does not for "test".
maybe it is something w/ client side LDAP settings because "test" works
fine via CAS.

-- 
Aleksey