User Tools

Site Tools


middleware:dokuwiki

Dokuwiki

Installation

Installation instructions for Dokuwiki version 2006-03-09d on Hosting.

  1. Uncompress the archive and remove any .htaccess files
    1. Directory restrictions should be set using the hosting web interface for each directory that contains a .htaccess file
  2. Create an empty file called changes.log in the data directory
  3. Add interwiki links for pubs directory by editing conf/interwiki.conf:
    +pubs    http://www.middleware.vt.edu/pubs/{NAME}
    +media   http://www.middleware.vt.edu/data/media/{NAME}

Make sure the data/media directory is world readable.

  1. Modify lib/exe/css.php to work with both HTTP and HTTPS:
    s/DOKU_BASE/'http:\/\/www.middleware.vt.edu\/'/g
    s/DOKU_TPL/'http:\/\/www.middleware.vt.edu\/lib\/tpl\/default\/'/g
  2. Suppress TLS warning for non https pages by editing inc/auth/ldap.class.php and commenting out the call to the msg() function
  3. Edit the html_login function in inc/html.php to submit to https on login request:
    -    <form action="<?php echo script()?>" accept-charset="<?php echo $lang['encoding']?>" method="post">
    +    <?php $secureHosting = 'https://secure.hosting.vt.edu'; ?>
    +    <?php if (strstr(script(), 'www.middleware.vt.edu')) { ?>
    +    <form action="<?php echo $secureHosting.script()?>" accept-charset="<?php echo $lang['encoding']?>" method="post">
    +    <?php } else { ?>
    +    <form action="<?php echo $secureHosting.'/www.middleware.vt.edu'.script()?>" accept-charset="<?php echo $lang['encoding']?>" method="post">
    +    <?php } ?>
  4. Copy directory structure to the hosting server
  5. Create conf/local.php:
    <?
    $conf['start']       = 'middleware';
    $conf['title']       = 'MiddlewareWiki';
    /* Authentication Options */
    $conf['useacl']      = 1;
    $conf['superuser']   = '@admin';
    $conf['openregister']= 0;
    $conf['authtype']    = 'edldap';
    /* Ldap Options */
    $conf['auth']['ldap']['server']      = 'ldap://authn.directory.vt.edu';
    $conf['auth']['ldap']['usertree']    = 'ou=People,dc=vt,dc=edu';
    $conf['auth']['ldap']['userfilter']  = '(uupid=%{user})';
    $conf['auth']['ldap']['grouptree']    = 'ou=Groups,dc=vt,dc=edu';
    $conf['auth']['ldap']['groupfilter']  = '(member=%{dn})';
    $conf['auth']['ldap']['version']     = 3;
    $conf['auth']['ldap']['starttls']    = 1;
    ?>
  6. Create inc/auth/edldap.class.php:
    <?
    require_once(DOKU_INC.'inc/auth/ldap.class.php');
    class auth_edldap extends auth_ldap {
      function getUserData($user) {
        global $conf;
        if(!$this->_openLDAP()) return false;
        $info['user']   = $user;
        $info['server'] = $this->cnf['server'];
        if ($this->con) {
          @ldap_bind($this->con);
          $this->bound = false;
        }
        // get info for given user
        $base = $this->_makeFilter($this->cnf['usertree'], $info);
        if(!empty($this->cnf['userfilter'])) {
          $filter = $this->_makeFilter($this->cnf['userfilter'], $info);
        } else {
          $filter = "(ObjectClass=*)";
        }
        $sr     = @ldap_search($this->con, $base, $filter);
        $result = @ldap_get_entries($this->con, $sr);
        // Don't accept more or less than one response
        if($result['count'] != 1){
          return false; //user not found
        }
        $user_result = $result[0];
        ldap_free_result($sr);
        // general user info
        $info['dn']   = $user_result['dn'];
        $info['mail'] = $user_result['mail'][0];
        $info['name'] = $user_result['cn'][0];
        $info['grps'] = array();
        //get groups for given user if grouptree is given
        if ($this->cnf['grouptree'] && $this->cnf['groupfilter']) {
          $base   = $this->_makeFilter($this->cnf['grouptree'], $user_result);
          $filter = $this->_makeFilter($this->cnf['groupfilter'], $user_result);
          $authzParentGroup = 'uugid=middleware.wiki.authz';
          $authzGroups = array();
          $sr = @ldap_search($this->con, $base, $authzParentGroup, array('member'));
          $result = @ldap_first_entry($this->con, $sr);
          $authzGroups = ldap_get_values($this->con, $result, 'member');
          unset($authzGroups['count']);
          ldap_free_result($sr);
          $sr = @ldap_search($this->con, $base, $filter, array());
          $result = @ldap_get_entries($this->con, $sr);
          ldap_free_result($sr);
          $userGroups = array();
          foreach($result as $grp){
            if (!empty($grp))
              $userGroups = array_merge($userGroups, $this->getGroupMembership($grp['dn']));
          }
          foreach($userGroups as $grp) {
            if(in_array($grp, $authzGroups)) {
              $info['grps'][] = substr(strtok($grp, ','), strlen('uugid='));
            }
          }
        }
        // always add the default group to the list of groups
        if(!in_array($conf['defaultgroup'],$info['grps']))
          $info['grps'][] = $conf['defaultgroup'];
        return $info;
      }
      function getGroupMembership($group) {
        $groups = array($group);
        $grp = strtok($group, ',');
        $sr = @ldap_search($this->con, $this->cnf['grouptree'], $grp, array('groupMembership'));
        $result = @ldap_first_entry($this->con, $sr);
        if ($result !== false) {
          $parentGroups = @ldap_get_values($this->con, $result, 'groupMembership');
          unset($parentGroups['count']);
          ldap_free_result($sr);
          if ($parentGroups !== false) {
            foreach($parentGroups as $parentGroup) {
              $groups = array_merge($groups, $this->getGroupMembership($parentGroup));
            }
          }
        }
        return $groups;
      }
    }
    ?>
  7. Create group named middleware.wiki.authz
    1. Create child groups to represent privileges (middleware.wiki.authz.admin), as members of middleware.wiki.authz
    2. Place users in groups accordingly
  8. Create conf/acl.auth.php, or use ACL manager in the web interface
  • add the following text to the inc/lang/en/lang.php file:
    $lang['btn_print_view'] = 'Print view';
  • change the html_editbutton() function in inc/html.php to include a print view button:
         if($INFO['writable']){
           if($INFO['exists']){
             $r = html_btn('edit',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
    +        $r .= html_btn('print_view',$ID,'',array('do' => 'export_html'));
           }else{
             $r = html_btn('create',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
           }
         } else {
           $r = html_btn('source',$ID,'v',array('do' => 'edit','rev' => $REV),'post');
    +      $r .= html_btn('print_view',$ID,'',array('do' => 'export_html'));
         }
  • change the tpl_metaheaders() function in inc/template.php to use print.css when export_html is called:
    - ptln('<link rel="stylesheet" media="screen" type="text/css" href="'.DOKU_BASE.'lib/exe/css.php" />', $it);
    - ptln('<link rel="stylesheet" media="print" type="text/css" href="'.DOKU_BASE.'lib/exe/css.php?print=1" />', $it);
    + if ($ACT=='export_xhtml') {
    +   ptln('<link rel="stylesheet" media="screen" type="text/css" href="http://www.middleware.vt.edu/lib/tpl/default/print.css" />', $it);
    +   ptln('<link rel="stylesheet" media="print" type="text/css" href="http://www.middleware.vt.edu/lib/tpl/default/print.css" />', $it);
    + } else {
    +   ptln('<link rel="stylesheet" media="screen" type="text/css" href="'.DOKU_BASE.'lib/exe/css.php" />', $it);
    +   ptln('<link rel="stylesheet" media="print" type="text/css" href="'.DOKU_BASE.'lib/exe/css.php?print=1" />', $it);
    + }
  • change lib/tpl/default/print.css to use print friendly fonts:
    - font: 12pt "Lucida Grande", Verdana, Lucida, Helvetica, Arial, sans-serif;
    + font: 12pt "Times New Roman", Times, serif;
    - font-family: "Lucida Grande", Verdana, Lucida, Helvetica, Arial, sans-serif;
    + font-family: "Times New Roman", Times, serif;

Export PDF Support

  • download html2fpdf and extract into the dokuwiki root directory
  • add the following text to the inc/lang/en/lang.php file:
    $lang['btn_print_pdf'] = 'Export PDF';
  • change the html_editbutton() function in inc/html.php to include an export pdf button:
         if($INFO['writable']){
           if($INFO['exists']){
             $r = html_btn('edit',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
    +        $r .= html_btn('print_pdf',$ID,'',array('do' => 'export_pdf'));
           }else{
             $r = html_btn('create',$ID,'e',array('do' => 'edit','rev' => $REV),'post');
           }
         } else {
           $r = html_btn('source',$ID,'v',array('do' => 'edit','rev' => $REV),'post');
    +      $r .= html_btn('print_pdf',$ID,'',array('do' => 'export_pdf'));
         }
  • change the act_export() function in inc/actions.php to process pdf requests:
    +    if ($act == 'export_pdf') {
    +      $url = wl($ID, array('rev' => $REV, 'do' => 'export_html'), true);
    +      output_pdf($url);
    +      exit;
    +    }
  • change the act_export() function in inc/actions.php to remove the table of contents on export_xhtml:
    -    print p_wiki_xhtml($ID,$REV,false);
    +    $HTML = p_wiki_xhtml($ID,$REV,false);
    +    $HTML = preg_replace("'<div class=\"toc\">.*?</div>\n</div>'si",'',$HTML);
    +    print $HTML;
  • add a function to inc/common.php to export PDF:
    function output_pdf($url) {
      require_once("html2pdf/html2fpdf.php");
      $PDF = new HTML2FPDF();
      $PDF->UseTableHeader(false);
      $PDF->AddPage();
      $PDF->setBasePath(dirname(dirname(__FILE__)));
      $PDF->writeHTML(file_get_contents(html_entity_decode($url)));
      $PDF->Output();
    }

CAS Support

  • Download phpCAS and add the CAS directory to a directory in the PHP search path.
  • Download the PHP DB library and copy DB.php and the DB directory to a directory in the PHP search path.
  • Edit doku.php to override the standard login and logout:
   //send 404 for missing pages if configured
  if($conf['send404'] && !$INFO['exists']){
    header('HTTP/1.0 404 Not Found');
  }
 
+ if($ACT == 'login') {
+   phpCAS::setFixedServiceURL(
+     'https://secure.hosting.vt.edu/www.middleware.vt.edu/doku.php?'.
+     $_SERVER["QUERY_STRING"]);
+   phpCAS::forceAuthentication();
+ }
+
+ if($ACT == 'logout') {
+   phpCAS::logout();
+ }
  • Create inc/auth/cas.class.php:
<?
require_once(DOKU_INC.'inc/auth/ldap.class.php');
require_once(DOKU_INC.'inc/auth/edldap.class.php');
include_once(DOKU_INC.'CAS/CAS.php');
 
phpCAS::client(CAS_VERSION_2_0, 'auth.vt.edu', 443, '');
 
class auth_cas extends auth_edldap {
    function auth_cas() {
        global $conf;
        $this->cando['external'] = true;
        $this->auth_edldap();
    }
 
    function trustExternal($user,$pass,$sticky=false){
        global $USERINFO;
        global $conf;
        $sticky ? $sticky = true : $sticky = false; //sanity check
 
        $session = $_SESSION[$conf['title']]['auth'];
 
        if(phpCAS::isAuthenticated()) {
            $user = phpCAS::getUser();
 
            if(isset($session)) {
                $_SERVER['REMOTE_USER'] = $user;
                $USERINFO = $session['info'];
                $_SESSION[$conf['title']]['auth']['user'] = $user;
                $_SESSION[$conf['title']]['auth']['pass'] = $session['pass'];
                $_SESSION[$conf['title']]['auth']['info'] = $USERINFO;
                $_SESSION[$conf['title']]['auth']['buid'] = $session['buid'];
            }
            else {
                $USERINFO = $this->getUserData($user);
                $_SERVER['REMOTE_USER'] = $user;
                $_SESSION[$conf['title']]['auth']['user'] = $user;
                $_SESSION[$conf['title']]['auth']['pass'] = $pass;
                $_SESSION[$conf['title']]['auth']['info'] = $USERINFO;
                $_SESSION[$conf['title']]['auth']['buid'] = auth_browseruid();
            }
 
            return true;
        }
 
        return false;
    }
}
?>
  • Edit conf/local.php to use cas.class.php:
- $conf['authtype']    = 'edldap';
+ $conf['authtype']    = 'cas';

authplaincas support

  • Clone authplaincas to dokuwiki/lib/plugins:
    git clone https://github.com/dhawes/authplaincas.git
  • Set the following in authplaincas/conf/default.php:
    $conf['server'] = 'auth.vt.edu';
    $conf['rootcas'] = '';
    $conf['port'] = '443';
    $conf['samlValidate'] = 1;
  • Add the following to dokuwiki/conf/local.php:
    $conf['useacl'] = 1;
    $conf['authtype'] = 'authplaincas';
  • Set up your ACLs based on ED Groups. Exammple:
    middleware:*                             @middleware%2ewiki%2eauthz%2eadmin 16
    middleware:*                             @middleware%2estaff            8
  • Add the following file to dokuwiki/conf/plaincas.settings.php to map groups to dokuwiki. The key here is to make sure your group to ACL mapping is correct in plaincas_group_patterns().
    <?php
    /*
     * The function purecas_group_patterns has to return an array
     * with the groups as keys and the corresponding regular expressions as values.
     * Other groups can be assigned with the custom groups. 
     */
    function plaincas_group_patterns() {
      $casGroups = array(
        'middleware.wiki.authz.admin' => '/^uugid=middleware.wiki.authz.admin,ou=Groups,dc=vt,dc=edu$/',
        'middleware.staff' => '/^uugid=middleware.staff,ou=Groups,dc=vt,dc=edu$/',
     
      );
     
      return $casGroups;
    }
     
    /*
     * The function purecas_pattern_attributes has to return an array
     * with the CAS attributes which will be matched against the regular expressions
     * $attributes = phpCAS::getAttributes();
     */
    function plaincas_pattern_attributes( $attributes ){
      if (is_array($attributes['groupMembership'])) {
        return $attributes['groupMembership'];
      }
      else {
        return array($attributes['groupMembership']);
      }
    }
     
    /*
     * The function purecas_user_attributes has to return an array
     * with keys 'name' and 'mail' representing the user.
     * $attributes = phpCAS::getAttributes();
     */
    function plaincas_user_attributes( $attributes ){
      return array(
        'name' => $attributes['first'] . ' ' . $attributes['last'],
        'mail' => $attributes['mail'],
      );
    }
     
    /*
     * The function plaincas_custom_groups has to return an array
     * with groupnames as keys and an array or usernames.
     * 
     * Custom groups are independent of CAS attributes or groups but the group names can be the same.
     */
    function plaincas_custom_groups(){
      $customGroups = array(
        'group1' => array('username1', 'userame2'),
        'group2' => array('username3', 'userame4'),
      );
     
      return array();
    }
    ?>
middleware/dokuwiki.txt · Last modified: 2015/06/01 12:02 (external edit)