compat auth not working about smf-mw-auth HOT 4 CLOSED

If the forum is on a different server, you are going to have to give it a path to where SMF is and where it can find the Settings.php. It loads this data in to connect up to your SMF database and provide redirects as needed for the SSO.

If you are setting up a new install, you shouldn't need to touch the legacy settings. That was just the combat layer to the original auth provided here. I will look into those bugs though.

The last error messages show that you should be using SMF 2.0 and it is looking for the proper cookies. If your forum and wiki are on different domains, this won't work. If they are on different sub domains, you need sub domain independent cookies turned on in SMF. Essentially, this SSO plugin looks for your SMF cookie, parses it and validates it to log you in. Just as SMF would itself.

SMF_IN_WIKI was a direct request include prevention. Doesn't do anything much now.

from smf-mw-auth.

thanks for the hint I enabled the option to allow all subdomain

also saw this version of the legacy plugin there https://github.com/SimpleMachines/bridges/tree/master/SMF-MediaWiki-auth with the SMF_IN_WIKI
I guess this current plugin is linked to this version of legacy plugin,

I used one really older where forum db settings were defined in the wiki LocalSettings.
This plugin was using the deprecated $wgAuth /AuthPlugin.php so I am not able to use it after upgrading to MW 1.35 , I then switched to writing a quick version using PluggableAuth extension and the new AuthManager as I am not able to run your plugin.

Keeping on trying this current SSO plugin:

• I was not able to auth my user against it (best was cookie found )
• was not able to be redirect correctly after the login is submited, seems that the string is ignored. Are you depending on a particular mod ?
• Also no disconnecting link when connected in the wiki.

best I get already logged in in forum and using this
define('SMF_IN_WIKI', true);
$wgSMFLogin = true;

[ForumSessionProvider] Constructor initialized.
[ForumSessionProvider] Loading Forum System Settings.
[ForumSessionProvider] Detected SMF_Auth settings, loading compatibilty layer.
[ForumSessionProvider] Found Configuration File, attempting to loading.
[ForumSessionProvider] Loading the cookie using provider: smf2.0
[ForumSessionProvider] Read the cookie, possible member ID "XX" found
[ForumSessionProvider] User detected, attempting to load the database.
[ForumSessionProvider] Database loaded, attempting to load forum member.
[ForumSessionProvider] Found a cached instance of this data, using it
[ForumSessionProvider] Forum member found, verifying cookie of XX
[ForumSessionProvider] Member ID, XX, failed to validate password under IP.IP.IP.IP

when I am already logged in on the SMF
then If I click on connect I get alternatively an error in redirection and kept on the wiki or a get a forum login page but redirected to the forum index after

One time I got logged in in returning manually to wiki but every other trial this is just a loop between wiki and forum

if not logged and
#define('SMF_IN_WIKI', true);
#$wgSMFLogin = true;

I always get unknown action page in wiki whenever I hit connect

ok found the origin of failed to validate password under IP.IP.IP.IP forum and wiki are both behind proxy and one was seeing the real ip the other the proxy ip.
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
helps this part
still no log out button and no correct redirection upon login

and wondering If I change Ip do I need to relog ?

from smf-mw-auth.

[ForumSessionProvider] Member ID, XX, failed to validate password under IP.IP.IP.IP

This right here is your hint. The password in the cookie isn't validating. This means it found the cookie and was able to get the data into a workable order. But when it attempted to validate the password, it failed.

Are you using the latest 2.0.x?
Another issue can occur is with the auth changes that occurred. Settings.php in SMF should now have a auth_secret. This is used to hash the cookie safely to prevent forgeries. But if it is missing, it could be causing issues. SMF itself will do its best to make things work, but the auth here doesn't know how to handle it.

from smf-mw-auth.

FYI, for MediaWiki. You do need to tell it your behind a proxy: https://serverfault.com/questions/526547/mediawiki-behind-reverse-proxy-populates-user-ip-address-with-proxy-address

from smf-mw-auth.