- Homepage: DokuWiki Shibboleth Authentication Plugin
- License: BSD 3 Clause
- Author: Ivan Novakov
DokuWiki is a flexible and simple wiki system written in PHP. Shibboleth is widely used open-source implementation of SAML. DokuWiki supports different authentication plugins and it is easy to write an alternative authentication plugin to integrate your own authentication mechanism within DokuWiki.
This plugin uses a Shibboleth session to authenticate users. It just takes all required information from the environment variables injected by Shibboleth (user's attributes sent by the identity provider).
The plugin requires DokuWiki version 2013-05-10 Weatherwax or newer. The older versions have different authentication structure - authentication backends. In case you have an older version and you don't want to upgrade, you may use the Shibboleth authentication backend.
- PHP >= 5.x
- Shibboleth SP 2.x instance
- DokuWiki 2013-05-10 Weatherwax or newer
- highly configurable
- includes an action plugin to handle login actions
- different group sources
- logging and debugging
You need Shibboleth SP 2.x installed and running. In Apache you have to configure Shibboleth to "know" about your DokuWiki directory:
<Directory "/var/www/sites/dokuwiki/">
AuthType shibboleth
require shibboleth
</Directory>
Clone the repository anywhere on your system. Copy the plugin/authshibboleth
directory to DOKUWIKI_HOME/lib/plugins
.
In DOKUWIKI_HOME/conf/local.conf
set the authtype
directive:
$conf['authtype'] = 'authshibboleth';
Alternatively, you can use the configuration manager.
Now, in most cases, the Shibboleth authentication should work out-of-the-box. But if that is not the case or you need to tune something, there is a bunch of configuration options you can set.
The best way to do this is to copy the conf/authshibboleth.conf.php
file from the repository to DOKUWIKI_HOME/conf
and include it in your DOKUWIKI_HOME/conf/local.protected.php
file (it doesn't exist by default, you have to create it yourself):
include __DIR__ . '/authshibboleth.conf.php';
It's better to use local.protected.php
instead of local.php
, because local.php
may be overwritten if you use the configuration manager.
The authshibboleth.conf.php
file contains all available directives, set to their default values and commented out. If you need to change a directive, just uncomment it and change its value.