Logged in: Logged in as: Log in
Register
Locations of visitors to this page SourceForge.net
products how to buy forum bug tracker translate deki company blog
Search:
Page last modified 00:53, 13 Feb 2008 by MaxM
MindTouch Developer Center > Deki > FAQ > User Management > How do I...Use a 3rd party web site for authentication

How do I...Use a 3rd party web site for authentication

If you have an existing web application that uses 'simple' http authentication to accept user credentials then you can pass credentials entered in Deki Wiki validate against it. This effectively delegates all validation of credentials to another system allowing the user accounts from the other system to be used within Deki Wiki with the same passwords.

Note that this is not 'automatic signon' and will require a username/password from the user to login.

Example scenarios

  • You have another web application that your users log into with a username/password.
  • You have a directory or web page protected by .htaccess / .htpasswd
  • You know of an internet site (running whatever web software) which have users that you'd like to invite to your wiki
  • You have any URI you can point your browser to and get a standard browser login dialog for which you and your colleagues have access

Requirements

The web application / remote site / whatever needs to expose a single URI which requires authentication. 

  1. The URI needs to return an HTTP status 401 (unauthorized) for anonymous users or when credentials were not provided.
  2. The URI needs to return an HTTP status 401 for invalid or unknown credentials.
  3. The URI needs to return an HTTP status 200 if valid credentials are provided. 

A simple test of all of these requirements is to point your web browser to this URI. If you get a browser based login dialog then 1 is satisifed. If you enter invalid credentials and the same dialog comes up, 2 is satisfied. If you enter valid credentials and the dialog goes away and you see some sort of content then 3 is satisfied.

Downsides

Since only user credentials are getting transmitted, groups will not work for this authentication provider. 

Setup

Add the HttpPassThroughService authentication provider by logging into your wiki as an admin and going to control panel -> service management.

Add a local service with type authentication.

Enter the SID: 

http://services.mindtouch.com/deki/draft/2007/07/http-authentication 

Enter your URI of choice a configuration setting "authentication-uri" (no quotes).

Type a description that users will see from the login page. Make sure it's enabled and optionally set it as the default. Save the service.

Troubleshooting and common issues

  • Check the logs of your remote service as well as Deki Wiki's (in bin/logs)
  • Use an http sniffer to see whats getting sent
  • Get help at the technical forum @ http://forums.opengarden.org and stop by the irc channel: irc.freenode.net #opengarden

 

Tag page
What links here

Files 0

Attach file or image
 

Images 0

 
You must login to post a comment.
Powered by MindTouch Deki v.8.08.2