DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:authpdo:joomla

Table of Contents

authPDO

Joomla

Configuration for authPDO plugin to login to DokuWiki with existing Joomla username & password.


NOTICE: There is a plugin authjoomla3 which basically does the same, employing AuthPDO functionality and getting settings automatically from Joomla installation.

However, for security reasons setting AuthPDO can be better, because unlike authjoomla3 it doesn't access Joomla directory. So we can limit the PHP access of web sites to each other, with open_basedir. For example, using NGINX:

location ~ \.php$ {
    try_files     $uri $uri/ /doku.php;
    fastcgi_pass  unix:/run/php-fpm/php-fpm.sock;
    fastcgi_param SCRIPT_FILENAME    $document_root$fastcgi_script_name;
    fastcgi_param PHP_VALUE open_basedir="/usr/share/nginx/www/dokuwiki/:/tmp/";
    include       fastcgi_params;
}

So DokuWiki site would have access only to its folder (and temp folder or whatever you set there), but not to Joomla files. Also, the DokuWiki user for the database can have very limited rights too — just to read users tables information.


Scenario

The intention is to permit the users registered on Joomla site to make edits in the Wiki, using the same credentials. This does not give a 'single sign-on' experience, just enables a user to have the same username, password etc. on both Joomla and Dokuwiki installations.

Works on PHP 7 + MySQL + Joomla 3.9.

Wiki Configuration

Just in case, backup conf/local.php

In the AuthPDO section, configure the following:

plugin>authpdo>debug Checkbox - enable this for testing, otherwise disable
plugin>authpdo>dsn mysql:host=localhost;dbname=<DB NAME>;charset=utf8mb4
(← That is, if the charset in Joomla DB is utf8mb4; otherwise just utf8).
plugin>authpdo>user <DB-USERNAME>
plugin>authpdo>pass <DB-PASSWORD>
plugin>authpdo>select-user SELECT `username` AS user, `password` AS `hash`, `email` AS mail, `name`, `id` AS uid from `#__users` WHERE (`username`= :user AND `block`=0);
(1. Replace “#_” in the table name with the actual prefix used in that DB, e.g. it could be jos_users.
2. `block`=0 means do not authenticate blocked users, such as spammers).
plugin>authpdo>select-user-groups SELECT `title` AS `group` FROM `#__user_usergroup_map` AS m, `d0_usergroups` AS g WHERE m.`group_id` = g.`id` AND m.`user_id` = :uid;
(Replace “#_” in the table name with actual prefix of that DB, e.g. it could be jos_users.

In the Authentication section:

authtype authpdo
passcrypt bcrypt
superuser <USERNAME OF THE SUPERUSER>
disableactions register

And if you like to replace default DokuWiki groups with group structure from Joomla:

defaultgroup Registered
superuser @Super Users

In ACL settings, assign to group @Registered the same rights as @user.

It's posible to add settings for typical Joomla groups “Author”, “Manager” etc., according to your particular needs.

plugin/authpdo/joomla.txt · Last modified: 2019-11-24 18:50 by sancaya