当特定用户登录到其他服务器上的我的网站时，登录我的MediaWiki网站 [英] Log into my MediaWiki site when specific users are logged into my website on a different server

问题描述

我有一个使用IIS的ASP.NET/C#网站，当用户成功登录时(使用登录控件并检查oracle表中的用户信息)，我创建一个会话变量，该变量使站点知道该用户已通过身份验证.我还使用托管在其他Web服务器上的Media Wiki创建了一个Wiki网站.我将从用户登录的主要网站链接到Wiki.

我需要做的是，当特定用户登录到我的主站点时，当他们导航到该页面时，我也希望他们也登录到我的Wiki站点.我希望他们无需再次登录即可编辑Wiki.

这仅适用于少数几个将在我的主站点上的用户表中标记并且已经在我的Wiki站点上拥有用户帐户的人.最好的方法是什么?

我确实阅读了Media Wiki网站上的信息，这对IIS及其设置无济于事.为了让MediaWiki知道我想要登录的用户，我必须手动设置remote_user环境变量，或者我可以告诉MediaWiki寻找我的会话变量值吗?

解决方案

用于此目的的内部MediaWiki机制是 Auth remoteuser Auth remoteuser 扩展名.

否则，如果您共享域，则可以以某种可验证的方式(例如，数字签名)在主应用程序中设置cookie，并在wiki上对其进行验证.如果您不这样做，那么Wiki将必须触发对主应用程序的Web请求，该请求将检查cookie并以身份验证状态做出响应，然后wiki将基于此设置cookie.

I have a ASP.NET/C# website using IIS that when a user logs in successfully (Using login control and checking oracle table for user info) I create a session variable that lets the site know the user is authenticated. I have also created a Wiki site using Media Wiki which I have hosted on a different web server. I'm going to link to the Wiki from my main website where the user logged in.

What I need to do is when a specific users log into my main site I want them to be logged into my Wiki site as well when they navigate to that page. I want them to be able to edit the Wiki without having to log in again.

This will only be for a handful of people that will be flagged in my user table on my main site and already have user accounts on my Wiki site. What would be the best approach?

I did read the information on the Media Wiki website and it wasn't helpful for IIS and how to set it up. For MediaWiki to know what user I want to have be logged in to I have to manually set the remote_user enviroment variable or can I tell MediaWiki to look for my session variable value?

解决方案

The internal MediaWiki mechanism for this is the SessionProvider (somewhat complex and the documentation is highly technical). A simple implementation that just pushes the burden of authentication to the web server software is the Auth remoteuser extension.

Otherwise, if you share a domain, you could set cookies in your primary application in some kind of verifiable fashion (e.g. digitally signed) and verify them on your wiki. If you don't, the wiki will have to trigger a web request to the primary application, which would check the cookie and respond with an authentication status, and the wiki would set its cookies based on that.

这篇关于当特定用户登录到其他服务器上的我的网站时，登录我的MediaWiki网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！