Subversion, MediaWiki, Wordpress, and LDAP

One of the biggest arguments you’ll get in deploying open source software in a corporate environment perception that they are extra, standalone applications. If your corporation uses an LDAP server, you can get some big wins by ensuring that your open source applications can authenticate with your corporate LDAP store, showing integration with the main systems.

I recently went through this exercise with a number of applications in our environment, including:

  • Subversion
  • MediaWiki
  • WordPress

I thought I’d throw up an entry here outlining the tools I used to make this integration possible.

Subversion was a no-brainer, since we host our repositories using mod_dav_svn. Configuring the mod_auth_ldap module in the Apache server and converting all access to SSL made this integration painless, once I figured out how to build Apache to use OpenLDAP and Secure LDAP. For MediaWiki, the Mediawiki LDAP Extension worked flawlessly. The key problem with Mediawiki is that there is no mechanism built in to ensure that logins are performed via SSL. A quick rewrite rule in the Apache server took care of this for me. A complete explanation of this process can be found at Library Web Chic.

For WordPress, I found a great plugin from Kane IT Consulting that was extremely easy to configure. I had the plugin installed and configured in minutes. I highly recommend this one. The Admin-SSL plugin, gave us the security around the login that we needed.

What has been interesting to me is seeing the subtle shift in perception of these applications as we integrated them into the authentication system. They almost seem like legitimate pieces of the system now … even to me.