[Systems] LDAP authentication in the wiki
bernie at sugarlabs.org
Wed Nov 9 14:34:55 EST 2011
On Wed, 2011-11-09 at 09:27 +0000, Aleksey Lim wrote:
> On Wed, Nov 09, 2011 at 02:12:43AM -0500, Bernie Innocenti wrote:
> > On Sun, 2011-11-06 at 06:10 +0000, Aleksey Lim wrote:
> > > In fact, that was my initial idea. But if I got Fred right, there is an
> > > issue w/ easy cracking media wiki auth system to create users to spam.
> > >
> > > btw, if wikipedia still uses its own auth system, why not doing the same
> > > for SL's wiki? (but create account page on wikipedia contain things like
> > > graphical captcha).
> > Sorry, I don't understand: when you wrote "wikipedia", did you mean
> > mediawiki instead?
> I meant wikipedia, it uses mediawiki's internal account creation system
> (w/ captcha plugin Fred mentioned).
Ok, then let's try adding the captcha.
> > Perhaps there's already a "test" account in Mediawiki?
> I renamed existed "test" account (which worked fine for "alsroot").
> btw, I created ldap "test" account directly by via ldapvi.
The user has a straight md5 password with no salt. I think it should be
md5-crypt. Maybe this is the problem.
Use system-useradd to create the account. When you're done, you can
delete the account with system-userdel.
We could create a new shell script that creates users in LDAP without a
posixAccount class. Mediawiki can also create LDAP entries, but I
haven't tested it yet.
Sugar Labs Infrastructure Team
More information about the Systems