View Issue Details

IDProjectCategoryView StatusLast Update
0008277mantisbtintegrationpublic2013-07-11 13:07
ReporterfirebusAssigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Platformfirefox 2.xOSwindowsOS Versionxp
Product Version1.1.0a4 
Target VersionFixed in Version 
Summary0008277: dokuwiki integration: cannot login from wiki login page
Description

so, let's redirect the dokuwiki login page to the mantis login page by adding a rewrite rule to dokuwiki's .htaccess

use mantis' return parameter to bounce back to the correct page on the wiki after login.

assuming that mantis is installed at /mantis, and dokuwiki at /dokuwiki:

ewriteCond %{QUERY_STRING} do=login
RewriteCond %{QUERY_STRING} (id=.)
RewriteRule .
/mantis/login_page.php?return=/dokuwiki/doku.php?%1 [R,L]

likewise, we can remap the dokuwiki logout page (since that doesn't seem to work either)

RewriteCond %{QUERY_STRING} do=logout
RewriteRule .* /mantis/logout_page.php

Additional Information

let me know if this idea is acceptable, and i'll update the wiki page for 0007075

TagsNo tags attached.

Relationships

related to 0016076 closeddregad new revision wiki(dokuwiki-2013-05-10) integration with Mantis report error 'User authentication is temporarily unavailable' 

Activities

pluntke

pluntke

2007-10-28 14:09

reporter   ~0016006

I disagree here.
The comment of function trustExternal in DokuWiki reads:

  • The function will be called with or without a set
  • username. If the Username is given it was called
  • from the login form and the given credentials might
  • need to be checked. If no username was given it
  • the function needs to check if the user is logged in
  • by other means (cookie, environment).

which means this function should be able to do a login by calling Mantis' auth_attempt_login().

I went deep into it today but only reached partial solution:
Login (and logout!) is possible from wiki BUT after login I still see the login page of wiki. I have to manually change to e.g. index page to see that I'm successfully logged in.

Find the modified code in the wiki of this issue (because still being worked on)

pluntke

pluntke

2007-10-28 14:16

reporter   ~0016008

I'm not allowed to create an wiki entry for this issue :-(

So here's a first attempt to optimise it (new lines marked with a +)

function auth_mantis(){
$this->cando['external'] = true;

  • $this->cando['logoff'] = true;
    }

    /**

    • Authenticates the user using Mantis APIs.
      */
      function trustExternal($user,$pass,$sticky=false){
      global $USERINFO;
      global $conf;
  • if (!empty($pass))
    auth_attempt_login($user,$pass,false);

pluntke

pluntke

2007-10-28 14:19

reporter   ~0016009

oh sorry, I'm talking about: mantis.class.php

Maybe someone else finds the clue, why a reload is nessecary to make the login page disappear after login in.

Silbaer

Silbaer

2007-10-31 05:13

reporter   ~0016036

This is working for me:
(mantis is in /mantis and dokuwiki in /mantiswiki)

RewriteCond %{QUERY_STRING} do=login
RewriteCond %{QUERY_STRING} (id=.)
RewriteRule .
/mantis/login_page.php?return=/mantiswiki/doku.php?%1 [R,L]

RewriteCond %{QUERY_STRING} do=logout
RewriteRule .* /mantis/logout_page.php [R,L]

After hitting login, I can login via the mantis-login and after that I am logged in in my wiki. No reload needed. Logout also works. No wiki-login-page appears.

firebus

firebus

2007-10-31 11:31

reporter   ~0016039

i agree with pluntke that this should be handled in the integration.

the htaccess solution is just a kludge (but a nice one!)

nurikabe

nurikabe

2007-10-31 15:55

reporter   ~0016041

I also agree. I run Mantis on a Windows server and rewrites like the above don't work without some drama.

pluntke

pluntke

2008-01-24 15:23

reporter   ~0016800

I can't reproduce the problem in mantis 1.1.0.
I still use the code modification mentioned in 0008277:0016008.

Can anyone else please check if this issue is solved?

pluntke

pluntke

2008-01-24 15:34

reporter   ~0016802

... with or without my small addition?

keylevel

keylevel

2008-10-14 07:31

reporter   ~0019550

Making these changes:

function auth_mantis(){
$this->cando['external'] = true;
$this->cando['logoff' ] = true; // module has a logoff method
}

/**

  • Authenticates the user using Mantis APIs.
    */
    function trustExternal ( $user, $pass, $sticky = false )
    {
    global $USERINFO;
    global $conf;

    $ValidUser = false;

    // Has a user name been provided?
    if ( !empty ( $user ) )
    {
    // User name provided, so login via form in progress...
    // Are the specified user name and password valid?
    if ( auth_attempt_login ( $user, $pass, $sticky ) )
    {
    // Credential accepted...
    $_SERVER['REMOTE_USER'] = $user; // Set the user name (makes things work...)
    $ValidUser = true; // Report success.
    }
    else
    {
    // Invalid credentials
    if ( !$silent )
    {
    msg ( $lang [ 'badlogin' ], -1 );
    }

    $ValidUser = false;

    }
    }
    else
    {
    // No user name provided.
    // Is a user already logged in?
    if ( auth_is_user_authenticated ( ) )
    {
    // Yes, a user is logged in, so set the globals...

    $t_project_name        = getNS                    ( getID ( )       );
    $t_project_id          = project_get_id_by_name   ( $t_project_name );
    $t_access_level        = access_get_project_level ( $t_project_id   );
    $t_access_level_string = strtoupper ( get_enum_to_string ( config_get ( 'access_levels_enum_string' ),  $t_access_level ) );
    
    $USERINFO[ 'pass' ] = current_user_get_field ( 'password'             );
    $USERINFO[ 'name' ] = current_user_get_field ( 'username'             );
    $USERINFO[ 'mail' ] = current_user_get_field ( 'email'                );
    $USERINFO[ 'grps' ] = array                  ( $t_access_level_string );
    
    $_SERVER[ 'REMOTE_USER' ]                        = $USERINFO[ 'name' ];
    $_SESSION[ $conf[ 'title' ]][ 'auth' ][ 'user' ] = $USERINFO[ 'name' ];
    $_SESSION[ $conf[ 'title' ]][ 'auth' ][ 'info' ] = $USERINFO;
    
    $ValidUser = true;

    }
    else
    {
    $ValidUser = false;
    }
    }

    // Is there a valid user login?
    if ( true != $ValidUser )
    {
    // No, so make sure any existing authentication is revoked.
    auth_logoff ( );
    }

    return $ValidUser;
    }

seems to get login/logout working as expected.

trustExternal has more changes in than needed - I like a single point of exit :-) Basic change is to login if a user name is provided and set REMOTE_USER if that succeeds.

Issue History

Date Modified Username Field Change
2007-08-19 02:39 firebus New Issue
2007-10-28 14:09 pluntke Note Added: 0016006
2007-10-28 14:16 pluntke Note Added: 0016008
2007-10-28 14:19 pluntke Note Added: 0016009
2007-10-31 05:13 Silbaer Note Added: 0016036
2007-10-31 11:31 firebus Note Added: 0016039
2007-10-31 15:55 nurikabe Note Added: 0016041
2008-01-24 15:23 pluntke Note Added: 0016800
2008-01-24 15:34 pluntke Note Added: 0016802
2008-10-14 07:31 keylevel Note Added: 0019550
2009-02-16 10:50 MaLS Sponsorship Added MaLS: US$ 10
2009-02-16 10:50 MaLS Sponsorship Total 0 => 10
2013-07-10 09:44 dregad Relationship added related to 0016076