MantisBT Authentication Plugin

Compatible with DokuWiki

2024-02-06 "Kaos" yes
2023-04-04 "Jack Jackrum" yes
2022-07-31 "Igor" yes
2020-07-29 "Hogfather" yes

Enables single sign-on to DokuWiki using MantisBT as authentication back-end.

Last updated on: 2020-06-14
Provides: Auth
Repository: Source

Tagged with authentication, integration, mantis

By Damien Regad, Victor Boctor and other contributors

Description

This authentication plugin enables single sign-on to DokuWiki, using an external trust mechanism to authenticate users against MantisBT.

It is based upon the original authentication back-end written by Victor Boctor back in 2006.

More information about integrating MantisBT with DokuWiki can be found on the MantisBT Wiki.

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Installation

Prerequisites

This plugin requires access to a MantisBT instance located on the same server as DokuWiki.

DokuWiki compatibility

The plugin is compatible with DokuWiki release 2013-05-10 “Weatherwax” and later.

Older releases used authentication back-ends instead of plugins. This code is no longer supported, but still available in for use with DokuWiki releases before 2013-05-10 “Weatherwax”.

MantisBT compatibility

MantisBT releases 1.2.x or later and 2.x are fully supported. The plugin may work with earlier releases as well, but this has not been tested.

The MantisBT wiki relies on this plugin since 2013.

Setup

Install the plugin following the standard process, then proceed with the next 3 sections.

Access Control List Configuration

Setup ACL rules for groups as appropriate for your environment, by defining entries in acl.auth.php for each access level defined in your MantisBT instance.

For example, with default MantisBT access levels your setup could be:

acl.auth.php

# MantisBT access levels
*  @VIEWER         1
*  @REPORTER       2
*  @UPDATER        4
*  @DEVELOPER      8
*  @MANAGER        16
*  @ADMINISTRATOR  16

In addition to the above, if you want anonymous, read-only access to your wiki for everyone (i.e. including non logged-in users), you could add

*  @ALL            1

Please refer to Access Control Lists (ACL)s documentation for further information.

MantisBT Core Initialization

Add the following lines to your local.protected.php file, adjusting the path to the MantisBT root as appropriate:

local.protected.php

# Path to the MantisBT root directory on the server
define( 'MANTIS_ROOT', '/path/to/mantisbt/' );
require_once( MANTIS_ROOT . 'core.php' );

Note that this can't be done in the plugin (i.e. with a configuration option), due to conflicts with the declaration of utf8 compatibility functions between MantisBT core and DokuWiki, so the only option for now is to initialize the MantisBT core from the DokuWiki config file.

Set the Authentication Back-End

Now the authmantis back-end can be enabled in the DokuWiki configuration:

Open the DokuWiki Configuration Manager
In the Authentication section:
- Check Use access control lists
- Select authmantis as Authentication backend
- Add @ADMINISTRATOR in the Superuser field
Save the changes.

Alternatively, you can manually edit the local.php (or local.protected.php) file:

$conf['useacl']      = 1;
$conf['authtype']    = 'authmantis';
$conf['superuser']   = '@ADMINISTRATOR';
$conf['plugin']['authmantis']['mantis_root'] = '/path/to/mantisbt/';

Content Security Policy

MantisBT enables Content Security Policy by default. This can cause issues and prevent DokuWiki from functioning properly¹⁾ when this plugin is installed.

To fix the problem, please install the cspheader plugin, and configure it as follows:

Directive	Value
script-src	`'self' 'unsafe-inline`'
style-src	`'self' 'unsafe-inline`'
img-src	`'self' www.dokuwiki.org data:`

Other settings are left as default (specifically, default-src and base-uri set to 'self', all other directives empty).

The above settings have been confirmed working with DokuWiki's default template, but may need to be adapted if using a different template or to your sites' specifics.

Development

Revision history (Github releases)

The complete list of releases and change log is available on Github.

Recent commits

Bump version by dregad (2020-06-14 17:52)
Update plugin title and description by dregad (2020-06-14 17:49)
README: move install instructions to plugin home page by dregad (2020-06-14 17:45)
README: update compatibility section by dregad (2020-06-09 19:24)
Plugin URL now points to DokuWiki page by dregad (2020-06-09 19:12)

Full Git log.

Known Bugs and Issues

Please refer to the plugin's Issue tracker on Github.

Credits

This plugin is based on the Authentication back-end written by Victor Boctor, published in the MantisBT Wiki back in 2006.

In August 2013, Ventzy Kunev first published another version of this plugin here. His variant was based on the same original source code from the MantisBT Wiki, but considering that it was unmaintained since 2013 (with just a version bump in 2015), the MantisBT team decided to replace Ventzy's original plugin with the one used for the official MantisBT wiki, which differs slightly. At this occasion, this page was almost entirely rewritten.

FAQ

I locked myself out, what do I do now?

Edit your local configuration file ./conf/local.php
Reset authentication to authplain
```
$conf['authtype'] = 'authplain';
```
Save the file

¹⁾

https://github.com/mantisbt/dokuwiki-plugin-authmantis/issues/2

Table of Contents