Enables single sign-on to DokuWiki using MantisBT as authentication back-end.
Compatible with DokuWiki
This authentication plugin enables single sign-on to DokuWiki, using an external trust mechanism to authenticate users against MantisBT.
It is based upon the original authentication back-end written by Victor Boctor back in 2006.
More information about integrating MantisBT with DokuWiki can be found on the MantisBT Wiki.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
This plugin requires access to a MantisBT instance located on the same server as DokuWiki.
The plugin is compatible with DokuWiki release 2013-05-10 “Weatherwax” and later.
Older releases used authentication back-ends instead of plugins. This code is no longer supported, but still available in for use with DokuWiki releases before 2013-05-10 “Weatherwax”.
MantisBT releases 1.2.x or later and 2.x are fully supported. The plugin may work with earlier releases as well, but this has not been tested.
The MantisBT wiki relies on this plugin since 2013.
Install the plugin following the standard process, then proceed with the next 3 sections.
Setup ACL rules for groups as appropriate for your environment, by defining entries in acl.auth.php
for each access level defined in your MantisBT instance.
For example, with default MantisBT access levels your setup could be:
# MantisBT access levels * @VIEWER 1 * @REPORTER 2 * @UPDATER 4 * @DEVELOPER 8 * @MANAGER 16 * @ADMINISTRATOR 16
In addition to the above, if you want anonymous, read-only access to your wiki for everyone (i.e. including non logged-in users), you could add
* @ALL 1
Please refer to Access Control Lists (ACL)s documentation for further information.
Add the following lines to your local.protected.php
file, adjusting the path to the MantisBT root as appropriate:
# Path to the MantisBT root directory on the server define( 'MANTIS_ROOT', '/path/to/mantisbt/' ); require_once( MANTIS_ROOT . 'core.php' );
Note that this can't be done in the plugin (i.e. with a configuration option), due to conflicts with the declaration of utf8 compatibility functions between MantisBT core and DokuWiki, so the only option for now is to initialize the MantisBT core from the DokuWiki config file.
Now the authmantis back-end can be enabled in the DokuWiki configuration:
Alternatively, you can manually edit the local.php
(or local.protected.php
) file:
$conf['useacl'] = 1; $conf['authtype'] = 'authmantis'; $conf['superuser'] = '@ADMINISTRATOR'; $conf['plugin']['authmantis']['mantis_root'] = '/path/to/mantisbt/';
MantisBT enables Content Security Policy by default. This can cause issues and prevent DokuWiki from functioning properly1) when this plugin is installed.
To fix the problem, please install the cspheader plugin, and configure it as follows:
Directive | Value |
---|---|
script-src | 'self' 'unsafe-inline ' |
style-src | 'self' 'unsafe-inline ' |
img-src | 'self' www.dokuwiki.org data: |
Other settings are left as default (specifically, default-src and base-uri set to 'self
', all other directives empty).
The above settings have been confirmed working with DokuWiki's default template, but may need to be adapted if using a different template or to your sites' specifics.
The complete list of releases and change log is available on Github.
Full Git log.
Please refer to the plugin's Issue tracker on Github.
This plugin is based on the Authentication back-end written by Victor Boctor, published in the MantisBT Wiki back in 2006.
In August 2013, Ventzy Kunev first published another version of this plugin here. His variant was based on the same original source code from the MantisBT Wiki, but considering that it was unmaintained since 2013 (with just a version bump in 2015), the MantisBT team decided to replace Ventzy's original plugin with the one used for the official MantisBT wiki, which differs slightly. At this occasion, this page was almost entirely rewritten.
./conf/local.php
$conf['authtype'] = 'authplain';