Posted by: Josh | April 30, 2010

Integrating Mantis BT, DokuWiki and Mercurial Basic HTTP Authentication

sharedauth

I’ve got three great pieces of software running on my shared host – Mantis Bug Tracker, DokuWiki content manager, and Mercurial source repository. Combined, they make quite a robust system to plan, manage, and develop with.

Problem was, each had their own user account system, and the last thing I needed was to keep track of three more credentials. So the logical solution? Consolidate them.

Accounts created with Mantis BT will now be instantly usable for log-in in DokuWiki, and registered for HTTP Basic Authentication with Mercurial. Want to do the same? Here’s what you’ll need.

This boils down to these software requirements, which many shared hosts freely support:

  • PHP 5.2+
    • MySQL support
    • exec() privilege
  • MySQL 5
  • Python 1.5
  • Apache 2.x server supporting (pretty standard) modules
    • mod_php
    • mod_rewrite
    • mod_mysql
  • Linux server (one that permits executing command htpasswd we’ll find out real quick if this is true)

All three services we install must be on the same server in order to share authentication subsystems.

Installations

My installations were put into it’s own independent sub folder of the root web folder. Initially, they’re going to be independent.

  1. Mantis installed to /home/jcarrier/public_html/mantisbt
    Hereby refered to as ~/mantisbt
  2. DokuWiki installed to /home/jcarrier/public_html/wiki
    Hereby refered to as ~/wiki
    * Note: if prompted during it’s install, use the “ACL” authentication type *
  3. Mercurial installed to /home/jcarrier/public_html/hg
    Hereby refered to as ~/hg
    (links to my previous Hg shared host install guide)

Verify all three installations work before proceeding to integration.

Integrations

We’re going to be making some adjustments to DokuWiki for the integration into Mantis BT. This is based loosely from a guide on DokuWiki’s site by Tiago Gomes, which gave me the foundation to work off of, and makes this post to you possible.

Configuration

In ~/wiki/conf/local.php. Change my site references to yours.

#
# Add the following lines:
#   
define( 'MANTIS_ROOT', '/home/jcarrier/public_html/mantisbt/' );  // file path to Mantis, must terminate with /
define( 'MANTIS_URL', 'http://bugs.joshjcarrier.com/mantisbt' );     // url to Mantis, must terminate with /   #
# Modify the following configuration options to match the values below:
#   
$conf['useacl']       = 1;                // Use Access Control Lists to restrict access?
$conf['authtype']     = 'mantis';         // which authentication backend should be used
$conf['defaultgroup'] = 'VIEWER';         // Default groups new Users are added to
$conf['superuser'] = '@ADMINISTRATOR';    // allows mantis administrator to access dokuwiki admin area

* Note: if you use DokuWiki’s built-in config editor, these changes will be erased, so until I have a permanent-er solution, keep that in mind! *

In ~/mantisbt/config_inc.php, append the following. Change my site references to yours.

#####################

# Wiki Integration

#####################

# Wiki Integration Enabled?

$g_wiki_enable = ON;

# Wiki Engine

$g_wiki_engine = ‘dokuwiki’;

# Wiki namespace to be used as root for all pages relating to this mantis installation.

$g_wiki_root_namespace = ‘project’;

# URL under which the wiki engine is hosted.  Must be on the same server.

$g_wiki_engine_url = ‘
http://wiki.joshjcarrier.com/’; 
$g_cookie_domain = ‘.joshjcarrier.com’;

#####################

# htpasswd_api Integration

#####################

# Apache htpasswd Integration Enabled?

$g_htpasswd_enable = ON;

# htpasswd command client

$g_htpasswd_bin = ‘htpasswd’;

$g_htpasswd_file = ‘/home/jcarrier/.htpasswds/users’;

# htpasswd create format

# \%1$s = username, \%2$s = password

$g_htpasswd_cmd_adduser = $g_htpasswd_bin . ‘ -b ‘ . $g_htpasswd_file . ‘ \%1$s \%2$s’;

$g_htpasswd_cmd_moduser = $g_htpasswd_bin . ‘ -b ‘ . $g_htpasswd_file . ‘ \%1$s \%2$s’;

$g_htpasswd_cmd_deluser = $g_htpasswd_bin . ‘ -D ‘ . $g_htpasswd_file . ‘ \%1$s \%2$s’;

* Note: the $g_htpasswd_file should be the same file referenced as “AuthUserFile” during the .htaccess setup of the Mercurial repository *

If you’ve enabled guest access in Mantis BT, you’ll need to manually enter the guest registration in this htpasswd file. For username “guest” with implicit password “guest”, append in a new line:

guest:pxoYlESJjxs2o

Mantis BT has already integrated the required wiki-integration code into it’s main branch.

Authentication

Download and extract the following integration patch package. Following it’s respective relative directory, copy over these files:

~/wiki

dokuwiki/inc/auth/mantis.class.php // authentication plug-in

dokuwiki/lib/plugins/mantis/syntax.php // register plug-in

~/mantisbt

mantisbt/core/user_api.php // integrate htpasswd_api

mantisbt/core/htpasswd_api.php // new htpasswd api

mantisbt/library/utf8/substr_replate.php // duplicate method declaration checks

mantisbt/library/utf8/mbstring/core.php // duplicate method declaration checks

* Note: after upgrading DokuWiki or MantisBT, you may lose integration *

Make sure at this point that all three systems still load.

Administrating Users: “I have the power!”

The integration system now will handle users by the following method:

  • Create user: create user in MantisBT. DokuWiki authenticates this user with Mantis BT’s authentication method. Entry in htpasswd now created for Basic HTTP authentication to the Mercurial repository.
  • Update user password: Password changed in Mantis BT database and updated in htpasswd.
  • Delete user: User removed from Mantis BT database and deleted from htpasswd.

* Note: “Disabling” user prevents authentication to Mantis BT and DokuWiki, but retains Mercurial access. *

Restricting Wiki access based on user/project participation

Log in to the wiki with your administrator account. Under the Admin page “ACL” config, you may specify a specific username (i.e. joshcarrier becomes @JOSHJCARRIER)or groups within a specific project (i.e. a project-x developer becomes @PROJECT-X_DEVELOPER).

Available roles are:

@VIEWER

@REPORTER

@DEVELOPER

@MANAGER

@ADMINISTRATOR

@ALL

* Note: At this time, Mercurial will only recognize user names. *

And that should be it! Please note that future upgrades to Mantis BT or DokuWiki will most likely cause this integration to break, since none of this code is in their official release branch. If something fails, please leave a comment below and I’ll get back to you ASAP.


Responses

  1. Hey this was cool, thanks!! Helped me resolve an issue I had when trying to do the wiki integration with the original instructions.

    The htpasswd aspect also worked perfectly for a completely different use – which I didn’t even think about until I came across your blog!! A++ Kudos, you made me look smart, which is hard to do!😉

    A couple of responses:

    in define ( ‘MANTIS_URL’, you are missing the trailing / that it requests. Maybe it works without it, didn’t try…

    Also, instead of putting all of those Configuration changes into the local.php, which will get overwritten too easily IMO, I put these changes into the very bottom of ‘dokuwiki.php’, all grouped together. By doing this, these items become ‘defaults’, and therefore are reflected properly in the configuration manager. I also kept a copy of that added block in a separate text file so that I can easily re-apply it the next time I upgrade Mantis.

    Finally, what is with the entry:
    $g_cookie_domain = ‘.joshjcarrier.com’; ??
    Any attempt to mod this with any variation of my domain resulted in a cookie error – so I left it out and see no ill effect…

    Overall, great job, this was definitely worth the visit!!

  2. @Cornelius that’s great! Can you share how your htpasswd implementation works? As for your other responses: – If Mantis requests it, then do so! (Sometimes I revise the posted script using shorter config values, instead of my installation config). – Adding configuration in dokuwiki.php is an excellent way to survive an upgrade to retain Mantis BT integration; other visitors might want to take note of this – the $g_cookie_domain config item is supposed to set the Mantis authentication cookie for (in this case) joshjcarrier.com and all its subdomains. Thus the authentication cookie set by bugs.joshjcarrier.com can be read by wiki.joshjcarrier.com . You might want to check out the Mantis BT support page regarding using that config option.

  3. >* Note: if you use DokuWiki’s built-in config editor, these changes will be erased, so >until I have a permanent-er solution, keep that in mind! *
    You can add those to dokuwiki/conf/local.protected.php which needs to be created
    define( ‘MANTIS_ROOT’, ‘/home/jcarrier/public_html/mantisbt/’ );
    define( ‘MANTIS_URL’, ‘http://bugs.joshjcarrier.com/mantisbt’ );

  4. Fantastic, thanks John!

  5. If you want a Premium Minecraft Account check out this generator.
    With it you can generate a unique Minecraft Premium Account which
    no one else has! You can Download the Free Premium Minecraft Account
    Generator http://www.minecraftfreakz.tk

    Thanks for ones marvelous posting! I definitely enjoyed reading it,
    you will be a great author. I will be sure to bookmark your
    blog and will come back very soon. I want to encourage you to definitely continue your great posts, have a nice afternoon!

  6. It’s an awesome post in favor of all the
    online viewers; they will get benefit from it I am sure.

  7. Water is the most profound aid that one can use in a weight
    loss diet. Ways to attain the best advantages from your healthy and balanced smoothie
    recipes is always to look at the proper mix of fruit and veggies.
    Smoothies are made of fresh fruit and veggies which are
    full of diverse vitamin and minerals.

  8. Hello there! Would you mind if I share your blog
    with my twitter group? There’s a lot of people
    that I think would really appreciate your content. Please let me know.
    Many thanks

  9. I have read so many articles or reviews about the blogger lovers but
    this piece of writing is genuinely a nice article, keep it up.

  10. Resultan unas ideas extremadamente genialss quee tienen quee ver con bloguear.
    Has revisado unos cuantos puntos interesantes aqui.

    De cualquiera manera prosigue blogueando.

  11.  De Ninguna Manera pienso que lo que has desarrollado sea de esta manera.

    Deberias informarte mejor o mejorar las elementos de asesoramiento.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: