Jump to content

Proceedings:RL1/Full text

From Wikimania

This Proceedings page is awaiting attention from one of the Editors.

Notes for the Enterprise MediaWiki session, which occurred Friday, 14:30-15:30 in Pound 335.

New Enterprise Mailing List

Created during this session: http://mail.wikimedia.org/mailman/listinfo/mediawiki-enterprise

Authentication plugins

  • AuthPlugin interface
  • Ryan Lane's LDAP plugin
  • OpenID, etc.
  • Other work?

Granular access control in general

  • Quoting Brion's email from November, 2005:
    The main thing is that we (at least I ;) don't want to have to maintain code that's totally useless to us, and a security layer adds maintenance obligations to that useless-to-us code (if there's a hole, we have to patch it and issue new releases, and if it exists people are more likely to want to rely on it, increasing the weight of the obligation). Thus my knee-jerk reaction is [ to suggest forking MediaWiki ]; if somebody wants to maintain such a beast, let them.
    [ Submitting patches to extend the MediaWiki core to allow for a security layer ] is possibly appropriate though; I hacked in the AuthPlugin so people could work on things like the LDAP and other custom authentication interop things separately from the main code, without adding too much to the core code complexity (and others have helped improve it, and it could probably still use improvement ;)
    It might make sense to have a similar access control interface which can then be plugged in, though I'm not sure how much plugging would really need to be done if the infrastructure for all the plug points would actually be there.

Read-restricted access

  • Fraught with problems
    • Page transclusion
    • Export hooks
    • Page history
    • Searching
  • Even harder: confidential page names

You might set up a hot mirror. Point authors at the master wiki with htacces protection, point users at a read-only mirrors. Once you set it up, maintenance is trivial. This tells how to mirror the OpenZaurus wiki: http://wiki.openzaurus.org/Admin/MirrorHowto . You may be able to adapt these instructions to set up your own master and any number of read-only mirrors. My mirrors update nightly; updates up to every 10 minutes should be feasible depending on the number and size of your pages. Contact me if you have any questions: bronson@rinspin.com

External Authorization plugins

  • What this means: being able to manage group memberships in external database rather than in internal database
  • Not really being done (?)
  • How to do it: override User.php?
  • Other hooks?
  • OpenID is in MediaWiki svn. It's live at http://wikitravel.org/review/Special:OpenIDLogin

New distribution mechanisms

  • Debian package for MediaWiki
  • RPM (?)
  • Does a PEAR distribution make sense?
  • Does it make sense to package MediaWiki extensions as .deb/.rpm/PEAR thingies?
  • I mentioned automating maintaining multiple instances using svk during the talk. It works well. I will try to write an article about it in the next few days; check http://u32.net or bug me: bronson@rinspin.com

Structured data in enterprise use


  • Issue discussed extensively at Hacking Days
  • Several non-MediaWiki markup solutions (FCKEditor very popular here)
  • Challenge for mainstream solution: lack of formal Wiki-syntax definition

Other stuff

  • Marking stable/approved versions of articles
  • Training