0008277: dokuwiki integration: cannot login from wiki login page - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0008277	mantisbt	integration	public	2007-08-19 02:39	2020-06-27 01:48

Reporter	firebus	Assigned To	dregad
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	no change required
Platform	firefox 2.x	OS	windows	OS Version	xp
Product Version	1.1.0a4

Summary	0008277: dokuwiki integration: cannot login from wiki login page
Description	so, let's redirect the dokuwiki login page to the mantis login page by adding a rewrite rule to dokuwiki's .htaccess use mantis' return parameter to bounce back to the correct page on the wiki after login. assuming that mantis is installed at /mantis, and dokuwiki at /dokuwiki: ewriteCond %{QUERY_STRING} do=login RewriteCond %{QUERY_STRING} (id=.) RewriteRule . /mantis/login_page.php?return=/dokuwiki/doku.php?%1 [R,L] likewise, we can remap the dokuwiki logout page (since that doesn't seem to work either) RewriteCond %{QUERY_STRING} do=logout RewriteRule .* /mantis/logout_page.php
Additional Information	let me know if this idea is acceptable, and i'll update the wiki page for 0007075
Tags	No tags attached.

pluntke 2007-10-28 14:09 reporter ~0016006	I disagree here. The comment of function trustExternal in DokuWiki reads: The function will be called with or without a set username. If the Username is given it was called from the login form and the given credentials might need to be checked. If no username was given it the function needs to check if the user is logged in by other means (cookie, environment). which means this function should be able to do a login by calling Mantis' auth_attempt_login(). I went deep into it today but only reached partial solution: Login (and logout!) is possible from wiki BUT after login I still see the login page of wiki. I have to manually change to e.g. index page to see that I'm successfully logged in. Find the modified code in the wiki of this issue (because still being worked on)

pluntke 2007-10-28 14:16 reporter ~0016008	I'm not allowed to create an wiki entry for this issue :-( So here's a first attempt to optimise it (new lines marked with a +) function auth_mantis(){ $this->cando['external'] = true; $this->cando['logoff'] = true; } /** Authenticates the user using Mantis APIs. */ function trustExternal($user,$pass,$sticky=false){ global $USERINFO; global $conf; if (!empty($pass)) auth_attempt_login($user,$pass,false);

pluntke 2007-10-28 14:19 reporter ~0016009	oh sorry, I'm talking about: mantis.class.php Maybe someone else finds the clue, why a reload is nessecary to make the login page disappear after login in.

Silbaer 2007-10-31 05:13 reporter ~0016036	This is working for me: (mantis is in /mantis and dokuwiki in /mantiswiki) RewriteCond %{QUERY_STRING} do=login RewriteCond %{QUERY_STRING} (id=.) RewriteRule . /mantis/login_page.php?return=/mantiswiki/doku.php?%1 [R,L] RewriteCond %{QUERY_STRING} do=logout RewriteRule .* /mantis/logout_page.php [R,L] After hitting login, I can login via the mantis-login and after that I am logged in in my wiki. No reload needed. Logout also works. No wiki-login-page appears.

firebus 2007-10-31 11:31 reporter ~0016039	i agree with pluntke that this should be handled in the integration. the htaccess solution is just a kludge (but a nice one!)

nurikabe 2007-10-31 15:55 reporter ~0016041	I also agree. I run Mantis on a Windows server and rewrites like the above don't work without some drama.

pluntke 2008-01-24 15:23 reporter ~0016800	I can't reproduce the problem in mantis 1.1.0. I still use the code modification mentioned in 0008277:0016008. Can anyone else please check if this issue is solved?

pluntke 2008-01-24 15:34 reporter ~0016802	... with or without my small addition?

keylevel 2008-10-14 07:31 reporter ~0019550	Making these changes: function auth_mantis(){ $this->cando['external'] = true; $this->cando['logoff' ] = true; // module has a logoff method } /** Authenticates the user using Mantis APIs. */ function trustExternal ( $user, $pass, $sticky = false ) { global $USERINFO; global $conf; $ValidUser = false; // Has a user name been provided? if ( !empty ( $user ) ) { // User name provided, so login via form in progress... // Are the specified user name and password valid? if ( auth_attempt_login ( $user, $pass, $sticky ) ) { // Credential accepted... $_SERVER['REMOTE_USER'] = $user; // Set the user name (makes things work...) $ValidUser = true; // Report success. } else { // Invalid credentials if ( !$silent ) { msg ( $lang [ 'badlogin' ], -1 ); } `$ValidUser = false;` } } else { // No user name provided. // Is a user already logged in? if ( auth_is_user_authenticated ( ) ) { // Yes, a user is logged in, so set the globals... $t_project_name = getNS ( getID ( ) ); $t_project_id = project_get_id_by_name ( $t_project_name ); $t_access_level = access_get_project_level ( $t_project_id ); $t_access_level_string = strtoupper ( get_enum_to_string ( config_get ( 'access_levels_enum_string' ), $t_access_level ) ); $USERINFO[ 'pass' ] = current_user_get_field ( 'password' ); $USERINFO[ 'name' ] = current_user_get_field ( 'username' ); $USERINFO[ 'mail' ] = current_user_get_field ( 'email' ); $USERINFO[ 'grps' ] = array ( $t_access_level_string ); $_SERVER[ 'REMOTE_USER' ] = $USERINFO[ 'name' ]; $_SESSION[ $conf[ 'title' ]][ 'auth' ][ 'user' ] = $USERINFO[ 'name' ]; $_SESSION[ $conf[ 'title' ]][ 'auth' ][ 'info' ] = $USERINFO; $ValidUser = true; } else { $ValidUser = false; } } // Is there a valid user login? if ( true != $ValidUser ) { // No, so make sure any existing authentication is revoked. auth_logoff ( ); } return $ValidUser; } seems to get login/logout working as expected. trustExternal has more changes in than needed - I like a single point of exit :-) Basic change is to login if a user name is provided and set REMOTE_USER if that succeeds.

dregad 2020-06-14 13:06 developer ~0064097	Using Apache mod_rewrite is no longer necessary.

View Issue Details

Relationships

Activities