SingleSignOnSMF is an "auth" module of sorts. Strictly speaking, it doesn't authenticate; it slaves MoinMoin to an SMF forum authentication system. It consists of the following rough steps:
- Check for the SMF cookie that indicates the user is logged in to SMF
- Retrieve the ID_MEMBER attribute from the cookie
- Access the SMF database and get the username, email, and full name for this user
- Set or create a wiki user to match those items.
- Return this user as the logged in user.
Anyway, on to the files. Place PHPUnserialize.py and SingleSignOnSMF.py into your wiki directory alongside wikiconfig.py.
In wikiconfig.py, you need to configure some lines:
```python
import SingleSignOnSMF

sso_smf_cookiename = u'SMFCookie10'
sso_smf_host = u'127.0.0.1'
sso_smf_user = u'smf'
sso_smf_passwd = u'yourPasswordHere'
sso_smf_db = u'smf'
auth = [SingleSignOnSMF.SingleSignOnSMF]
user_autocreate = True
```
The host, user, password, and database settings tell the module how to connect to your SMF database and read the smf_members table. The cookie name is whatever your SMF installation is configured to use for client cookie storage. The final lines activate the module and ensure that users can be created as needed in the wiki system.
Since this single sign-on completely bypasses moin's own "login" features, it makes sense to modify some more settings to prevent user confusion. The moin login form and features won't back-end to smf, so there is no point in keeping them (in my scenario).
```python
user_form_remove = ('name', 'aliasname', 'password', 'password2', 'email')
show_login = 0
```
As you may tell from the above process, there is not much security used here. The value in the SMF cookie is trusted implicitly, so the wiki accepts whatever ID_MEMBER the client presents. To have slightly more security, you could parse the PHP session file (as is done in the php_session egroupware auth, which is built in) and retrieve the same information from there. This would not be much harder or slower, but for my situation I don't require this much security. An outline of the steps that could be used there:
- Read the php session cookie to get the session ID
- Read the contents of the php session file and parse it into values (these two steps are done in auth.py already for the egroupware auth)
- Retrieve the php session item whose name is login_<cookiename>, and then parse it as I do here.
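The session-file outline above, sketched as an added example in Python 3; it is not part of SingleSignOnSMF or MoinMoin. It assumes PHP's default file session handler (files named sess_<id>, items stored as name|value), that the login_<cookiename> item is a PHP string holding the serialized cookie array, and that element 0 of that array is ID_MEMBER; `session_path`, `member_id` and the sample data are hypothetical names. Only the i, b, s and a types are parsed, and anything else fails closed.

```python
import os
import re

def _unser(b, i=0):
    """Parse one PHP serialize() value in bytes b at offset i -> (value, next offset)."""
    t = b[i:i + 2]
    if t in (b"i:", b"b:"):
        end = b.index(b";", i)
        return int(b[i + 2:end]), end + 1
    if t not in (b"s:", b"a:"):
        raise ValueError("unsupported type")
    colon = b.index(b":", i + 2)
    n, i = int(b[i + 2:colon]), colon + 2
    if t == b"s:":  # s:<byte length>:"<bytes>";
        if n < 0 or b[colon + 1:i] != b'"' or b[i + n:i + n + 2] != b'";':
            raise ValueError("malformed string")
        return b[i:i + n], i + n + 2
    if b[colon + 1:i] != b"{":  # a:<count>:{<key><value>...}
        raise ValueError("malformed array")
    out = {}
    for _ in range(n):
        key, i = _unser(b, i)
        out[key], i = _unser(b, i)
    if b[i:i + 1] != b"}":
        raise ValueError("unterminated array")
    return out, i + 1

def session_path(save_path, session_id):
    """Map the client-supplied session ID to its file; reject anything path-like."""
    if not re.fullmatch(r"[A-Za-z0-9,-]{1,128}", session_id):
        raise ValueError("invalid session id")
    return os.path.join(save_path, "sess_" + session_id)

def member_id(session_bytes, cookiename="SMFCookie10"):
    """Return the ID_MEMBER recorded in the server-side session, or None."""
    try:
        items, i = {}, 0
        while i < len(session_bytes):  # name|<serialized value>, repeated
            bar = session_bytes.index(b"|", i)
            name = session_bytes[i:bar]
            items[name], i = _unser(session_bytes, bar + 1)
        stored = items.get(b"login_" + cookiename.encode())
        fields, _ = _unser(stored) if isinstance(stored, bytes) else (None, 0)
        member = int(fields[0]) if isinstance(fields, dict) else 0
    except (ValueError, TypeError, KeyError, RecursionError):
        return None  # malformed or unexpected data: treat as not logged in
    return member if member > 0 else None

INNER = b'a:2:{i:0;i:42;i:1;s:4:"hash";}'  # constructed sample payload
SAMPLE = b'login_SMFCookie10|s:%d:"%s";' % (len(INNER), INNER)
```

Here the member ID comes from state the server wrote, so a client cannot choose it by editing the SMF cookie.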
Credits
This is inspired by the JensGeiregat/AuthphpBB auth module.
The PHP un-serializer is from Scott Hurring.