I am trying to integrate a MediaWiki site using some custom Python web applications. I have full control over the MediaWiki server and can freely modify the authentication plugin if necessary. Currently, I would like all users to log in via the screen on the MediaWiki page (or at least they should believe it, the whole process should be transparent to them).
In general, I would rather not write my own authentication code completely, but I don't mind doing some minor adaptations.
I am looking for advice from people who previously did something similar, my questions are:
I don't know anything about LDAP , but it is most likely supported by various plugins for MediaWiki and Python. Is it better to have a central LDAP server and then force all applications to authenticate here?
Compared to the above, what are the disadvantages of simply reading from the wiki database and comparing it to make sure that the shared secret from the user's cookie matches, and then, assuming they are logged in?
Can openID be used for this situation? What are some of the disadvantages?
source
share