Mobile app version of vmapp.org
Login or Join
Dunderdale272

: OpenID login buttons for related modules of a site (especially a MediaWiki) I am putting up a site. Right now it will include a MediaWiki (the sort that powers Wikipedia). In the future

@Dunderdale272

Posted in: #Mediawiki #Openid #Wordpress

I am putting up a site. Right now it will include a MediaWiki (the sort that powers Wikipedia). In the future it may contain a blog (Wordpress?) and forums (Vanilla Forums 2?).

I want the site to be viewable by the general public, but editable by anyone who signs in with an OpenID. I'd like a login page like the one used on a stack exchange sites, where the user is presented with a series of familiar buttons to choose an identity provider.

Jeff Atwood has open-sourced the login component for Stack Overflow, which is awesome, but I am unable to use it as my shared hosting is on a LAMP stack, where the 'P' includes Python (2.4.3), Perl (5.8.8), PHP (5.2.4), and Ruby (1.8.7). The M is MySQL (5.1.50).

I have tried a number of things with limited success.

1) MediaWiki with the OpenID login extension. When I manually install the php-openid library, and run the test, it complains about the lack of GMP support, does something strange with HTTP fetching, and complains about a lack of mod_encoding. I contacted support and they said that they will not install mod_encoding, and that GMP is already installed.

2) MediaWiki with MultiAuthPlugin against simpleSAMLphp. I think I partially have simpleSAMLphp working, but it is not clear to me what I need to do to make it an OpenID consumer -- its over my head.

Then I decided that if I could authenticate against WordPress, I could use a MediaWiki extension to use that information to log people in.

3) WordPress OpenID plugin. Everything appeared to install correctly that is needed for OpenID consumption, although it didn't appear to work. I suspect it uses the php-openid library. I'm not sure how to debug it. More to the point, it just offers an OpenID textbox, which is not friendly for people who have no idea what it is -- I'd like buttons!

4) Google Friend Connect for WordPress. This is the first I've heard of friend connect. It was not clear that one was authenticated to do more than comment, and the intention is to be some sort of "social media" overlay on your site -- not what I had in mind.

5) Gigya Socialize for WordPress. Finally, a nice login using buttons and OpenID. (Mind you, when I tried to log in using it, it told me, "New user access is currently disabled for this site.") This is pretty slick, but:


when I try to log in using my Google or Yahoo accounts, it asks for my contacts! There is no way that it is acceptable for my users to give up contact information to a third party just to log into my site.
As I am authenticating, there is very little indication that this is authenticating me to my site; instead, it appears that the request is for Gigya.
If my site becomes really popular, I'll have to pay money to allow people to log in!


I haven't completed setting up JanRain Engage for WordPress, but I think it will be much the same as Gigya.



How can I have a unified, single sign-in for a group of related sites on the same domain, using OpenID and friendly google, yahoo, twitter, etc., buttons, which authenticates directly from my domain (ie. without claiming to be from a third party)? Barring that, how can I get users to log into MediaWiki using OpenID (without changing web hosts)? Edit: Are there any wikis you would recommend that already have a nice OpenID login feature?

I am happy to provide further details on my adventures so far. I am also a programmer, albeit not a web-programmer, quite familiar with python, and knowing enough Perl, PHP, and Ruby that I could hack on a near-solution to make it work.

10.01% popularity Vote Up Vote Down


Login to follow query

More posts by @Dunderdale272

1 Comments

Sorted by latest first Latest Oldest Best

 

@Angie530

I find the idea of implementing a shared hosting-friendly OpenID extension which suits MediaWiki intriguing, however, there are some requirements for the JanRain and PEAR OpenID 0.2.1 libraries which, as you've seen, will probably not be embraced by shared hosting providers in the near future.

It looks as though you are open to solutions other than OpenID and, if you don't mind digging into the authentication code behind the applications you are using, you might consider a simple single sign-on system like the one proposed here - definitely not the ideal solution, (reverse-engineering existing authentication replacements may cut down implementation time but it'll still take a while) but it beats starting from scratch.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme