#2966: GRASS GIS wiki: connect to OSGeo LDAP
---------------------------+-----------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: Systems Admin | Keywords: mediawiki, ldap
---------------------------+-----------------------------
Given the tons of spam registrations, we would like to see the GRASS GIS
wiki connected to OSGeo's LDAP.
Perhaps the approach of the main OSGeo Wiki could be cloned here?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966>
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: Systems Admin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Changes (by robe):
* milestone: Unplanned => Sysadmin Contract 2023-I
Comment:
@neteler,
How many accounts do you have in Grass GIS Wiki so far. I'm thinking for
Grass, might be easier to just have the LDAP plugin and I manually merge
the existing accounts to their LDAP.
Or we could do the same. Anyway I can setup a dev for this on our dev
server with ldap and wikitoldap plugin installed and see if that works
okay.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: Systems Admin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by neteler):
Looking at https://grasswiki.osgeo.org/w/index.php?title=Special:ListUsers
there are currently 748 users plus some hundred blocked spammers.
However, only a fraction of these > 700 users registered since 2008 will
be still valid/active.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: Systems Admin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by neteler):
@robe: we'd be happy to proceed on the grasswiki-ldap connection. If you
see a chance...
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: Systems Admin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Yap I'll try to get the ball rolling probably sometime this weekend or
later in the week.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: Systems Admin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
I set up a dev server to get the ball rolling which is just snapshot of
prod
https://grasswiki.staging.osgeo.org/wiki/GRASS-Wiki
I'll test out upgrading the wiki and then incorporating LDAP
authentication on this. I'll let you know once it's ready to test out.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: Systems Admin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Still working thru this as I feared because grasswiki is running mediawiki
1.37, getting I think it might be the same error i got when trying to
upgrade wiki past 1.3.5
{{{
[19455a4cf382d9ed0706a41e] /wiki/Special:PluggableAuthLogin Error: Call to
a member function getAuthManager() on null
Backtrace:
from /var/www/grass/grass-
wiki/w/extensions/LDAPAuthentication2/src/PluggableAuth.php(280)
#0 /var/www/grass/grass-
wiki/w/extensions/WikiToLDAP/includes/PluggableAuth.php(54):
MediaWiki\Extension\LDAPAuthentication2\PluggableAuth->getAuthManager()
#1 /var/www/grass/grass-
wiki/w/extensions/PluggableAuth/includes/PluggableAuthLogin.php(36):
MediaWiki\Extension\WikiToLDAP\PluggableAuth->authenticate()
#2 /var/www/grass/grass-wiki/w/includes/specialpage/SpecialPage.php(647):
PluggableAuthLogin->execute()
#3 /var/www/grass/grass-
wiki/w/includes/specialpage/SpecialPageFactory.php(1366):
SpecialPage->run()
#4 /var/www/grass/grass-wiki/w/includes/MediaWiki.php(314):
MediaWiki\SpecialPage\SpecialPageFactory->executePath()
#5 /var/www/grass/grass-wiki/w/includes/MediaWiki.php(930):
MediaWiki->performRequest()
#6 /var/www/grass/grass-wiki/w/includes/MediaWiki.php(564):
MediaWiki->main()
#7 /var/www/grass/grass-wiki/w/index.php(53): MediaWiki->run()
#8 /var/www/grass/grass-wiki/w/index.php(46): wfIndexMain()
#9 {main}
}}}
Anyway it sounds like there might have been a major change with newer
PlugabbleAuth so I may need to set some other items
https://www.mediawiki.org/wiki/Extension:PluggableAuth
as discussed there:
{{{
Versions 6.0 and 7.0.0 of PluggableAuth are significant upgrades. The
configuration variable $wgPluggableAuth_Config is required in version 6.0
and later. The plugins must be compatible with the version of
PluggableAuth installed.
}}}
So I need to check the versions of things to make sure I am running the
right things
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:6>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by annakrat):
Any update on this? Signing up for GRASS wiki is rather difficult due to
all the spam. Thanks
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:7>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Sadly not yet. Plan to work on this some more this weekend.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:8>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Okay I finally got ldap working on the staging server. I don't have a
local account so not sure the wikiToLDAP migration piece is working, since
it would only kick in for existing accounts. But I was able to log in with
my OSGeo account.
As part of the process I also upgraded to wiki 1.39, since 1.37 is no
longer considered LTS.
Please give a try here: https://grasswiki.staging.osgeo.org
and let me know if all seems to be working. The renaming accounts does
seem to have worked. They are all prefixed with triangles (the default
prefix of wikiToLdap)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:9>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by neteler):
Great work, robe!
I could successfully login and edit (see
https://grasswiki.staging.osgeo.org/wiki/Special:RecentChanges).
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:10>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Replying to [comment:10 neteler]:
> Great work, robe!
>
> I could successfully login and edit (see
https://grasswiki.staging.osgeo.org/wiki/Special:RecentChanges).
Not sure this is an issue, I do see your old account is gone as expected,
but your new account doesn't seem to be member of bureacrat. Do you have
admin rights you see or no?
If not have to figure out what went wrong there.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:11>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Okay maybe it's just a security thing it doesn't show those on the user
page.
I see you listed here - https://grasswiki.staging.osgeo.org/wiki/GRASS-
Wiki:Administrators
and your's is hyperlinked but Martin's isn't presumably because he has not
merged his account.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:12>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by martinl):
I tried to log in on staging using my LDAL credentials and it works!
Thanks for your effort!
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:13>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by annakrat):
Thanks! I don't think the user rights work yet, I should be in
administrators too, and I don't see neteler there either:
https://grasswiki.staging.osgeo.org/w/index.php?title=Special%3AUserRights&user=Annakrat
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:14>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Replying to [comment:14 annakrat]:
> Thanks! I don't think the user rights work yet, I should be in
administrators too, and I don't see neteler there either:
>
>
https://grasswiki.staging.osgeo.org/w/index.php?title=Special%3AUserRights&user=Annakrat
Okay I'll investigate this a bit more to see what could be wrong. Are any
of you neteler, martinl, annakrat able to do any admin things?
Wondering if it's just the merge is not working so not carrying over your
permissions or its just a display issue.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:15>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by neteler):
I have way less menu entries in the left side menu.
However, https://grasswiki.staging.osgeo.org/wiki/Special:SpecialPages
looks the same as in the production wiki.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:16>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
I fear those SpecialPages might not be so special. Not sure how to block
them from being seen. I think we have similar issue on wiki.osgeo.org.
I'm going to flash back the staging before you all logged in in a bit and
see if there is some config thing I missed.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:17>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by annakrat):
Replying to [comment:15 robe]:
> Okay I'll investigate this a bit more to see what could be wrong. Are
any of you neteler, martinl, annakrat able to do any admin things?
>
> Wondering if it's just the merge is not working so not carrying over
your permissions or its just a display issue.
I don't have entries in More dropdown on a page to Delete and Protect, not
sure what else to test.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:18>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2966: GRASS GIS wiki: connect to OSGeo LDAP
-----------------------------+---------------------------------------
Reporter: neteler | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2023-I
Component: SysAdmin | Resolution:
Keywords: mediawiki, ldap |
-----------------------------+---------------------------------------
Comment (by robe):
Can you try logging in again. I think I missed the
$WikiToLDAPMigrationInProgress = true;
I restored from current prod backup and reran the migration. Please give
a try again and see if you have admin rights after you log in.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2966#comment:19>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.