DokuWiki

It's better when it's simple

User Tools

Site Tools


auth

This is an old revision of the document!


Authentication Backends & Plugins

After you have enabled ACL in the config file you need to decide how you like to store user data. DokuWiki supports various methods and creating a new one is pretty easy.

DokuWiki uses so called authentication plugins that provide certain methods to store user data and passwords. The user won't even see this plugin but you as an administrator have to set up your desired authentication plugin and configure it properly.

If the available plugins do not fulfill the requirements, you can create your own auth plugin. For details see How to write an Authentication Plugin?

Since the release 2013-05-10 “Weatherwax” DokuWiki uses Authentication Plugins instead of Authentication Backends. This requires action from the administrator when upgrading the wiki.

Summary of the resources of the old authentication backends and the new authentication plugins:

Since the release 2013-05-10 “Weatherwax”

FAQ

  • I cannot login anymore after DokuWiki upgrade, how to update from this old auth backend?
  • How do i remove the message about deprecated setting?
    Your authtype setting is deprecated. You must set $conf['authtype'] = "authldap" in your config (see Authentication Backends)

    Go to your Configuration Manager and search for the authtype setting. Set this setting to the auth… backend of your need.

    (btw: $conf['authconfig'] in the message was a spelling mistake, it should be $conf['authtype'].)

Releases 2012-10-13 “Adora Belle” and older




The authentication backends below are for DokuWiki releases 2012-10-13 “Adora Belle” and older.



Backends

Up to releases 2012-10-13 “Adora Belle” and older you could use the backends below.

These are the backends you get with DokuWiki:

  • ad – Active Directory authentication with optional Single Sign On (SSO)
  • ldap – authenticate users against a LDAP directory
  • mysql – access any MySQL database to authenticate users
  • pgsql – access any Postgres database to authenticate users
  • plain – the default mechanisms which uses plain text files

Contributed Backends

These Backends aren't part of the distribution, but might be useful:

  • Ban – More secure login with ban option (rewritten plain.auth.php)
  • CAS – authenticate with a CAS server FIXME
  • cas – another CAS authentication with ACL based on LDAP attributes
  • plaincas – another CAS authentication with ACL based on CAS attributes and a corresponding login-plugin
  • chained – chain more than one authentication method
  • cosignCoSign authentication for Single Sign On (SSO)
  • django – Authenticates against a Django user database through a Django session cookie.
  • extdjango – Same as above, but uses HTTP for DW↔Django communication
  • Eventum – How to integrate DokuWiki with Eventum Issue Tracker
  • drupal – For backend authentication integration with Drupal 7.x.
  • external – Authentication through an external program – to be used with PAM & shadow passwords
  • gforge – Authenticate against GForge session cookies
  • ggauth – experimental thoughts on auth backends including chained, split as below plus HTTP basic, htaccess and PAM
  • htaccessauth – identify users that already logged in using a Basic HTTP Authorization through .htaccess
  • imap – authenticate users against an IMAP/POP3 server
  • imap – Another (awesome) IMAP authentication backend
  • keeyaiwp – SSO with Wordpress
  • ldap_local – LDAP authentication with local (plain text) ACLs
  • lemonldap – authenticate users through a LemonLDAP SSO
  • mod_auth_tkt – mod_auth_tkt authentication
  • motp – basically like the plain backend but with added checks for Mobile-OTP tokens
  • mybb – authentication using the MyBB forum software
  • ning – Ning ID authentication
  • ntlm – NTLM (i.e. Windows NT-based) authentication
  • oauth – oauth1/2 to connect authentication with Ruby on Rails/Doorkeeper, github, Google+, Facebook, Yahoo, …
  • pam – Experimental PAM authentication
  • cafu_phpbb3 – authenticate users against a PHPBB3 forum
  • phpbb3 – authenticate users against a PHPBB3.0.x forum - another take on the matter
  • plainplus – extension to plaintext to limit bad password attempts and set expirations to passwords
  • punbb – authenticate users against the PunBB forum (uses PunBB's cookies and database for SSO)
  • radius – authenticate users against a RADIUS server
  • dokushib – Shibboleth Authentication Backend
  • split – delegate login to one auth backend and groups management to another
  • smartcard – use SmartCard for login (client certificate, developed for Estonian ID card). Supports multiple backends (plain, mysql and so on).
  • ssp – SimpleSAMLphp authentication backend
  • simplesamldokuwiki – authenticate via simpleSAMLphp (SAML 2.0, Shibboleth, …)
  • sympa auth – Authenticate using sympa over SOAP
  • xmpp – authenticate users against an XMPP/Jabber server
  • yubikey – Extension to the paintext auth module to allow use of a YubiKey OTP as the password
  • dokudrupal – Drupal 7 authentication backend.
  • Ucenter – Discuz Ucenter Authentication backend.
  • Joomla 1.5 – Joomla 1.5 Authentication backend.
  • sfauth - Salesforce as authentication backend

How to implement a new auth backend is described in the HOWTO.

  • fblogin – Use Facebook as an authentication authority for your DokuWiki site
  • openid – lets register with an OpenID URL; lets already registered users add OpenID URLs to their profiles and then use OpenID to login.
  • virtualgroup – allows to assign groups to a user independently from the authn/authz-Backend.

Some relevant tips related to authentication backends

auth.1439806220.txt.gz · Last modified: 2015-08-17 12:10 by 217.67.205.123

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki