Talk:CNM MediaWiki IAM

Potential contractor proposal

Several applicants reached out with their proposals from the job posting on UpWork. Below is a proposal made by one of the potential contractors for CNM MediaWiki IAM.

Contractor NS

NS : I have researched about it and get some points as follow -

LDAP:Authentication integration with MediaWiki

1. Installing required extensions : "LDAPAuthentication2" and "PluggableAuth."

2. Configuring LDAP settings: LocalSettings.php file involves specifying the LDAP server address, port, authentication method, base DN, and search attributes

3. Testing the LDAP connection and verifying it

4. Making LDAP the primary authentication method of MediaWiki by making LDAPAuthentication2 extension the authentication method.

The above points are calculated considering an organization already have an existing LDAP server.

If the organization does not have a ldap server, then we will have to create one specifically for an organization.

Process for creating LDAP server -

We will be using docker to create LDAP server and I've worked on it before but I was not able to access the server as an admin because the credentials I was using were incorrect.

1. Setting up LDAP server using docker

2. Getting into the server and setting it up according to our requirements. (This is a rough idea as I was not able to get to this step. It could take even less or more depending upon the requirements and obstacles)

Additional usages of a LDAP server -

Other than serving as an authentication method, an ldap server can also be used for the following:-

1. Directory Services: it can act as a central repository for all your files and information .

2. Managing Data and Information of users. (incl. Address book and Contact management )

3. Single Sign-On (SSO)- it can help us authenticate users once and make them access information across different platforms and service providers. Users will not have to create different accounts for each platform/service.

So My ballpark estimates is around 40 hours for this above steps. Please let me know if you have any query regarding this.

Gary : Our project slowed down for a while. We hired an expert, but failed to get a solution. The developments are documented on the https://wiki.cnmcyber.com/en/CNM_MediaWiki_IAM wikipage. May you actually integrate LDAP and MediaWiki? If so, please give your budget and schedule estimates.

NS : I would like to discuss the following details -

1. Do you have an existing LDAP server?

2. As I don't have LDAP server so that I am not able to login on there if you have this then I can try this with login?

Gary : That's correct -- we will give you an LDAP server and VM to experiment.

NS : I have connected to the ldap server and I noticed that the LDPAuthentication2 and the PluggableAuth was already installed on the server.

I tried to configure the LocalSettings.php file in MediaWiki source code. I have configured the ldap extensions first by adding a new json file since it does not exist already. After adding the json config file to the ldap server, I will be able to load the extensions and proceed with the testing of ldap and MediaWiki connection.

I will keep you posted about next steps.

NS : I have added the ldap.json file and the extensions are successfully enabled. Since I have added the LdapAuthentication2 plugin, the authentication method of the website is changed and a database error have occurred. I am trying to resolve the errors that are caused after including the plugins.

I will inform you if I need anything from your end. Because the documentations suggest that I will be needing more details of the ldap server.

NS : I have successfully installed the LDAPAuthentication2 plugin and I have also configured it according to the existing user.

Please take a look at the login functionality at https://w1.plzin.com

After completing the integration of LDAPAuthentication and PluggableAuth, I am confident that I will be able to work more on this.

I would like to request you to hire me on upwork for further tasks.