DokuWiki

It's better when it's simple

User Tools

Site Tools


Sidebar

Translations of this page?:

Learn about DokuWiki

Advanced Use

Corporate Use

Our Community


Follow us on Facebook, Twitter and other social networks.

tips:commonlogin

How to share authentication data between several wikis on the same server

Consider the following scenario: You want to have several wikis on the same server and your users only want to login once. For this single-sign-on scenario to work you have to do the following things:

  1. Change the definition of DOKU_COOKIE in inc/init.php to something that is the same on all instances, for example md5('commoncookie'). DOKU_COOKIE is the name of the cookie that is set after a user logs in. In a standard DokuWiki installation it's a hash of the full URL (including the path).
  2. In the two setcookie calls in inc/auth.php, change DOKU_REL to '/'. This ensures that only one cookie is sent to all instances on the server.
  3. The contents of the file data/meta/_htcookiesalt must be the same on all instances. The file gets created when a user first logs in, after that, the content stays the same.
  4. To share the user information, declare one Wiki as the “master” wiki. The file conf/users.auth.php in the “slave” wikis must be a hard link to this file in the “master” wiki. If you have a similar namespace structure or don't need complex ACL setups, you can also share the file conf/acl.auth.php.

Other Authentication

There are many other common login feasible like LDAP and Active Directory just search and install

Discussion

The original instructions said in Step 4, “The file conf/users.auth.php in the “slave” wikis must be a symlink to this file in the “master” wiki.” When I tried using a symbolic link, I got the error messages,

! User authentication is temporarily unavailable. If this situation persists, please inform your Wiki Admin.
! No ACL setup yet! Denying access to everyone.

I made sure the link was not read-only, and that the permissions were the same as those on a working installation, in particular that the Internet Guest Account has Read and Write permissions. When I used a hard link, the set-up worked as advertised. I have changed the instructions accordingly, even though I don't understand what is going on. –Art Carlson, Max Planck Institute of Biochemistry, Munich, Germany

The reason why symlinks don't work for some users, but do work for others, is that not all web server configs will support following symbolic links. Supporting symbolic links can open up some security problems, so turning off that protection isn't a swell idea

tips/commonlogin.txt · Last modified: 2015-04-30 06:14 by 63.76.68.130