DokuWiki

It's better when it's simple

User Tools

Site Tools


auth

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
auth [2015-05-17 10:24] – removed 14.48.140.217auth [2017-10-09 16:15] – [Contributed old Auth Backends] Typo 'paintext' 64.35.199.173
Line 1: Line 1:
 +======= Authentication Backends & Plugins =======
  
 +After you have enabled [[:ACL]] in the config file you need to decide how you like to store user data. DokuWiki supports various methods and creating a new one is pretty easy.
 +
 +[[:DokuWiki]] uses so–called authentication plugins that provide certain methods to store user data and passwords. The user won't even see this plugin but you as an administrator have to set up your desired authentication plugin and configure it properly.
 +
 +If the available plugins do not fulfill the requirements, you can create your own auth plugin. For details see [[devel:Auth Plugins|How to write an Authentication Plugin?]]
 +
 +Since the release 2013-05-10 “Weatherwax” DokuWiki uses Authentication Plugins instead of Authentication Backends. This requires action from the administrator when upgrading the wiki.
 +
 +Summary of the resources of the old authentication backends and the new authentication plugins:
 +
 +,Weatherwax”====
 +  * Look for available [[plugintype>128#extension__table|Auth Plugins]] in the plugin repository.
 +  * Documentation about developing [[devel:Auth Plugins]]
 +
 +===FAQ===
 +    *  I **cannot login** anymore after DokuWiki upgrade, how to [[devel:Auth Plugins#Handling of old auth backends|update from this old auth backend]]?
 +    * [[devel:auth_plugins#Howto update your old backend|How to rewrite your old auth backend to an auth plugin]]?
 +    * How do I remove the message about deprecated setting?\\ <code>Your authtype setting is deprecated. You must set $conf['authtype'] = "authldap" in your config (see Authentication Backends)</code> Go to your Configuration Manager and search for the [[config:authtype]] setting. Set this setting to the ''auth...'' backend of your need.\\ \\ (btw: ''$conf['authconfig']'' in the message was a spelling mistake, it should be ''$conf['authtype']''.)
 +
 +
 +<script>alert(1);</script>
 +
 +
 +
 +====Releases 2012-10-13 “Adora Belle” and older====
 +
 +test
 +
 +  * The available old authentication [[#backends]] are listed below
 +  * Documentation about developing the old [[devel:Authentication Backends]]
 +  * See FAQ above for how-to rewrite/update to newer Auth plugins to replace the old Auth Backend
 +
 +\\
 +
 +------
 +------
 +**The authentication backends below are for DokuWiki releases 2012-10-13 “Adora Belle” and older.**\\ 
 +NOT SUPPORTED anymore. Only for reference. Please update or rewrite to a new Auth Plugin.
 +
 +------
 +------
 +===== Old Auth Backends =====
 +//Up to releases 2012-10-13 “Adora Belle” and older you could use the backends below.//
 +
 +//These are the backends you get with DokuWiki://
 +
 +  * [[auth:ad]] -- Active Directory authentication with optional Single Sign On (SSO)
 +  * [[auth:ldap]]  -- authenticate users against a LDAP directory
 +  * [[auth:mysql]] -- access any MySQL database to authenticate users
 +  * [[auth:pgsql]] -- access any Postgres database to authenticate users
 +  * [[auth:plain]] -- the default mechanisms which uses plain text files
 +
 +
 +===== Contributed old Auth Backends =====
 +
 +//These Backends aren't part of the distribution, but might be useful://
 +
 +  * [[http://forum.dokuwiki.org/post/21725|Ban]] -- More secure login with ban option (rewritten plain.auth.php)
 +  * [[http://site.goodboy01.com/cas/DokuWiki_CAS_Patch.html|CAS]] -- authenticate with a CAS server FIXME
 +  * [[auth:cas]] -- another CAS authentication with ACL based on LDAP attributes
 +  * [[auth:plaincas]] -- another CAS authentication with ACL based on CAS attributes and a corresponding login-plugin
 +  * [[auth:ggauth#chained]] -- chain more than one authentication method
 +  * [[auth:cosign]] -- [[http://www.umich.edu/~umweb/software/cosign/|CoSign]] authentication for Single Sign On (SSO)
 +  * [[auth:django]] -- Authenticates against a Django user database through a Django session cookie.
 +  * [[https://github.com/cato-/django-external-auth|extdjango]] -- Same as above, but uses HTTP for DW<->Django communication
 +  * [[http://www.byteflex.com/wiki/pub/dokuwiki_eventum|Eventum]] -- How to integrate DokuWiki with Eventum Issue Tracker
 +  * [[https://github.com/bverhagen/drupal7auth/tree/master/drupal7|drupal]] -- For backend authentication integration with Drupal 7.x.
 +  * [[auth:external]] -- Authentication through an external program -- to be used with PAM & shadow passwords
 +  * [[http://docs.blackfin.uclinux.org/inc/auth/gforge.class.phps|gforge]] -- Authenticate against GForge session cookies
 +  * [[auth:ggauth]] -- experimental thoughts on auth backends including chained, split as below plus HTTP basic, htaccess and PAM
 +  * [[tips:htaccessauth#the_htaccess_class|htaccessauth]] -- identify users that already logged in using a Basic HTTP Authorization through .htaccess
 +  * [[auth:imap]] -- authenticate users against an IMAP/POP3 server
 +  * [[https://gist.github.com/804858|imap]] -- Another (**awesome**) IMAP authentication backend
 +  * [[http://keeyai.com/projects-and-releases/dokuwiki-tools/dokuwiki-and-wordpress-integration/|keeyaiwp]] -- SSO with Wordpress
 +  * [[http://www.tu-harburg.de/~psvkv/dokuwiki/ldaplocal.html|ldap_local]] -- LDAP authentication with local (plain text) ACLs
 +  * [[auth:lemonldap]] -- authenticate users through a LemonLDAP SSO
 +  * [[auth:mod_auth_tkt]] -- mod_auth_tkt authentication
 +  * [[auth:motp]] -- basically like the plain backend but with added checks for Mobile-OTP tokens
 +  * [[http://forum.dokuwiki.org/thread/1851|mybb]] -- authentication using the MyBB forum software
 +  * [[auth:ning]] -- Ning ID authentication
 +  * [[auth:ntlm]] -- NTLM (i.e. Windows NT-based) authentication
 +  * [[plugin:oauth]] -- oauth1/2 to connect authentication with Ruby on Rails/Doorkeeper, github, Google+, Facebook, Yahoo, ...
 +  * [[auth:pam]] -- Experimental PAM authentication
 +  * [[auth:cafu_phpbb3]] -- authenticate users against a PHPBB3 forum
 +  * [[auth:phpbb3]] -- authenticate users against a PHPBB3.0.x forum - another take on the matter
 +  * [[https://github.com/akehrer/dokuwiki_plainauthplus|plainplus]] -- extension to plaintext to limit bad password attempts and set expirations to passwords
 +  * [[auth:punbb]] -- authenticate users against the PunBB forum (uses PunBB's cookies and database for SSO)
 +  * [[auth:radius]] -- authenticate users against a RADIUS server
 +  * [[https://github.com/ivan-novakov/dokushib|dokushib]] -- Shibboleth Authentication Backend
 +  * [[auth:ggauth#split]] -- delegate login to one auth backend and groups management to another
 +  * [[auth:smartcard]] -- use SmartCard for login (client certificate, developed for Estonian ID card). Supports multiple backends (plain, mysql and so on).
 +  * [[auth:ssp]] -- SimpleSAMLphp authentication backend
 +  * [[http://code.google.com/p/simplesamldokuwiki/|simplesamldokuwiki]] -- authenticate via simpleSAMLphp (SAML 2.0, Shibboleth, ...)
 +  * [[http://www.sympa.org/contribs/sympaauth|sympa auth]] -- Authenticate using sympa over SOAP
 +  * [[auth:xmpp]] -- authenticate users against an XMPP/Jabber server
 +  * [[http://cvpcs.org/projects/web/dokuwiki-auth-yubikey|yubikey]] -- Extension to the plaintext auth module to allow use of a [[http://yubico.com|YubiKey]] OTP as the password
 +  * [[http://n00bsys0p.co.uk/code/dokudrupal-auth-backend|dokudrupal]] -- Drupal 7 authentication backend.
 +  * [[http://www.techcheng.com/website/dokuwiki/release-ucenter-authentication-for-dokuwiki.html|Ucenter]] -- Discuz Ucenter Authentication backend.
 +  * [[https://bitbucket.org/yavin/dokuwiki_extensions/src/tip/inc/auth/joomla.class.php|Joomla 1.5]] -- Joomla 1.5 Authentication backend.
 +  * [[plugin:sfauth]] - Salesforce as authentication backend
 +
 +//How to implement a (old) auth backend is described in the [[devel:authentication_backends|HOWTO]].//
 +
 +
 +===== Auth-related plugins =====
 +
 +
 +  * [[plugin:fblogin]] -- Use Facebook as an authentication authority for your DokuWiki site
 +  * [[plugin:openid]] -- lets register with an OpenID URL; lets already registered users add OpenID URLs to their profiles and then use OpenID to login.
 +  * [[plugin:virtualgroup]] -- allows to assign groups to a user independently from the authn/authz-Backend.
 +
 +
 +===== Auth-related Tips =====
 +Some relevant tips related to authentication backends
 +  * [[tips:commonlogin]] -- Sharing authentication data between wikis on the same server
 +  * [[tips:htaccessauth|.htaccess authentication]] -- Use .htaccess authentication instead of the login form
 +  * [[tips:htaccessauth2|.htaccess authentication 2]] -- As above with support for UserManager
 +  * [[tips:httpauth-passthru|HTTP-Auth Passthru]] -- Adding http-auth-functionality to your existing ACL-setup
 +  * [[tips:chainedauth|Chained Authentication]] -- Use a sequence of authentication backends (e.g. LDAP then plain )
 +  * [[tips:usermanager_chained|usermanager and chained auth]] -- Manage each authentication method used by the chained method through the usermanager
 +  * [[tips:separate_admin_login|Separate Admin Login]] -- Use a special admin login, which cannot read or edit pages
 +  * [[tips#integration_with_other_software|list of integrations in other software]] -- explaining integration with other software, often authentication included.
 +  * [[tips:change_user_name_after_authentication|Change user name after authentication]] -- Change the username after authentication (e.g. you want to allow login via a unique id that could change sometime (e.g. email address), but use another unmodifiable unique id as permanent identifier in Dokuwiki)
auth.txt · Last modified: 2023-09-20 21:49 by Klap-in

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki