I’m trying to set up a wiki alongside my WordPress site and I want users to be able to log in once and access both platforms without having to sign in again.
I tried doing this before with MediaWiki and another website built in ASP Classic by modifying session cookies, but it was really difficult to implement and even harder to keep working properly when updates came out.
Is there a plugin or a cleaner way to make WordPress and MediaWiki share the same user login system? I don’t want to go through the hassle of custom coding again if there’s a better solution available.
Any suggestions for tools or methods that work well for this kind of single sign-on setup would be really helpful.
I’ve had great luck with Extension:OpenIDConnect for MediaWiki + a WordPress OpenID Connect plugin. Set WordPress as the OpenID provider and MediaWiki as the client. Users log in through WordPress and get redirected straight to MediaWiki - no extra login screens. Way better than custom session handling since it uses standard OAuth2/OpenID Connect protocols. Updates don’t usually break anything. Takes some config work on both sides but the docs are pretty good. I’ve been running this for over a year with zero issues - much more stable than the session cookie mess I tried first.
try Extension:LDAPAuthentication2 with the WordPress LDAP plugin - works gr8 once u get it set up. i had the same headaches with custom session stuff. this uses LDAP as a middleman so both platforms authenticate against the same directory. takes more setup upfront but it’s way more reliable and won’t break with updates like cookie hacks do.
I set this up two years ago using PluggableAuth extension with SimpleSAMLphp. Way smoother than messing with cookies manually. WordPress becomes your identity provider, MediaWiki is the service provider. PluggableAuth handles MediaWiki’s side, SimpleSAMLphp does the auth protocol between them. Users log in once through WordPress and hit the wiki without another login screen. Maintenance is pretty light - both platforms manage their own users but trust the same auth source. Updates rarely break anything since you’re using standard protocols instead of custom session stuff. Took me half a day following the docs, which the MediaWiki community keeps solid.