Announcements about the MediaWiki software and site admin list

headers Adam Meyer | 1 May 2011 02:59 · /W3C/

Im really not one for reasonable solutions if it means inconvenience to the user.

Im looking for ways to integrate single sign on for phpBB and mediawiki.

I have only found one solution, but im wondering how bad of an idea this is.

When a user goes to to mediawiki it does an AJAX call to a phpbb file and checks if the user is logged in or not. If
they are, mediawiki would then force a login for that user. If not, it would force a logout.

I know that the AJAX response can be faked pretty easily by setting a stop point in fire bug or console, and
changing the return value. So this would easily allow a user to change who they are logged in as.

But what if I included a salted hash and checked the values against that? I think it would only be as strong as
the algorithm.

I just can not keep requiring the 2 sign on thing - It is so confusing on my site.

-Adam

Mon	Tue	Wed	Thu	Fri	Sat	Sun

						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

110	May 2013
142	April 2013
123	March 2013
165	February 2013
194	January 2013
164	December 2012
181	November 2012
164	October 2012
104	September 2012
127	August 2012
146	July 2012
112	June 2012
136	May 2012
122	April 2012
125	March 2012
211	February 2012
188	January 2012
169	December 2011
183	November 2011
145	October 2011
123	September 2011
108	August 2011
147	July 2011
171	June 2011
151	May 2011
242	April 2011
229	March 2011
246	February 2011
266	January 2011
274	December 2010
232	November 2010
288	October 2010
397	September 2010
336	August 2010
280	July 2010
219	June 2010
388	May 2010
244	April 2010
237	March 2010
188	February 2010
199	January 2010
251	December 2009
256	November 2009
148	October 2009
239	September 2009
245	August 2009
286	July 2009
289	June 2009
260	May 2009
234	April 2009
363	March 2009
341	February 2009
275	January 2009
209	December 2008
240	November 2008
329	October 2008
312	September 2008
289	August 2008
242	July 2008
291	June 2008
304	May 2008
325	April 2008
397	March 2008
528	February 2008
526	January 2008
387	December 2007
527	November 2007
689	October 2007
752	September 2007
798	August 2007
810	July 2007
656	June 2007
734	May 2007
775	April 2007
691	March 2007
716	February 2007
924	January 2007
586	December 2006
518	November 2006
630	October 2006
408	September 2006
772	August 2006
720	July 2006
798	June 2006
747	May 2006
762	April 2006
531	March 2006
529	February 2006
544	January 2006
693	December 2005
674	November 2005
644	October 2005
714	September 2005
635	August 2005
375	July 2005
522	June 2005
380	May 2005
593	April 2005
564	March 2005
469	February 2005
435	January 2005
460	December 2004
361	November 2004
387	October 2004
357	September 2004
429	August 2004
190	July 2004
182	June 2004
70	May 2004
86	April 2004
124	March 2004
62	February 2004
34	January 2004
53	December 2003
48	November 2003
9	October 2003
1	May 2001

Using Ajax for single single sign on. How bad of an idea is this?

Re: Using Ajax for single single sign on. How bad of an idea is this?

Re: Using Ajax for single single sign on. How bad of an idea is this?

Re: Using Ajax for single single sign on. How bad of an idea is this?

Re: Right hook to use for head html element?

Vector skin, <html> xmlns disappeared

Re: Right hook to use for head html element?

Re: Using Ajax for single single sign on. How bad of an idea is this?

Re: Using Ajax for single single sign on. How bad of an idea is this?

Re: Right hook to use for head html element?