Hi Valerio and thank you for your help, I'm not a PHP expert and I have tried to remove "interface-admin" and "bureaucrat" lines, but the rights/groups assignment doesn't work.
Are there someone that uses this extension with groups? Thank you for all your help! Marco Il 18/09/19 14:57, Valerio Bozzolan via MediaWiki-l ha scritto: > Hi Marco, > > If there is not enough documentation about that extension I would > suggest to go inside the extension (it seems not that large) and debug > its related code about group handling. > > E.g. I'm looking at the Shibboleth#populateGroups() function and it > seems that it only accepts 'sysop' and 'bureaucrat', so you may need to > patch the extension for your need. > > https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/Shibboleth/+/master/Shibboleth.class.php#60 > > Hoping to have given a starting point, but actually I can't play with > that ecosystem to give more support. > > Good luck for now! > > On Wed, 2019-09-18 at 13:46 +0200, Marco Malavolti wrote: >> Hi to all, >> >> I'm Marco Malavolti from GARR (Italian NREN) and I'm trying to use >> Shibboleth extension for Mediawiki to set user's rights with groups. >> >> https://www.mediawiki.org/wiki/Extension:Shibboleth >> >> I have successfully configured the extension to enable the SSO and it >> works, but I don't know why the following configuration doesn't set >> privilegies/groups to logged users: >> >> wfLoadExtension( 'Shibboleth' ); >> >> $wgShibboleth_Username = 'eppn'; >> $wgShibboleth_Email = 'mail'; >> $wgShibboleth_DisplayName = "cn"; >> $wgShibboleth_Logout_Base_Url = "https://sp.example.org";; >> $wgShibboleth_Logout_Target_Url = '/index.php/Pagina_principale'; >> >> $wgShibboleth_GroupMap = [ 'attr_name' => 'unscoped-affiliation', >> 'sysop' => 'member', >> 'bureaucrat' => 'member', >> 'interface-admin' => 'member', >> ]; >> >> 'unscoped-affiliation' is the eduPersonAffiliation attribute. That >> name >> is what Shibboleth set by default. >> >> I'm using the latest version of the extension provided here: >> >> https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/Shibboleth/+/master >> >> >> Can you help me to understand how to provide group's permission to my >> logged users, please? >> >> Thank you so much for any help you can provide! >> >> -- Marco Malavolti Consortium GARR - Servizio IDEM GARR AAI Via dei Tizii, 6 - I-00185 (ROMA) CF: 97284570583 - PI:07577141000 Tel.: 02 6448 2507 Skype: marco.mala PGP KEY: https://keys.openpgp.org/[email protected] _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
