Monthly Archives: May 2006

Password protecting MediaWiki with mod_auth_mysql

Posted on by
38

MediaWiki is the powerful software on which Wikipedia and many other sites are built. It does not, however, come with the option to password protect pages from being viewed. (It can password protect pages from being edited.)

If you need to setup a private, members-only wiki for internal use, here is how you can do it with MediaWiki software and the Apache server extension mod_auth_mysql:

1. Install MediaWiki as usual. Create a user account for yourself.

2. Add the following line to your LocalSettings.php file, located in the root of your MediaWiki installation. This will cause MediaWiki to use a simple MD5 hash for user passwords in the database, instead of the more complicated “salted hash hash” that it normally uses.

$wgPasswordSalt = false;

3. Activate mod_auth_mysql in Apache. This is usually done with a LoadModule line in your Apache configuration file (httpd.conf), provided the module is available. (If not, you may need to compile or download the module.)

LoadModule mysql_auth_module libexec/apache2/mod_auth_mysql.so

4. Create a new MySQL user that has SELECT access to the “user_name” and “user_password” fields in the “user” table of your MediaWiki installation. Apache will use this MySQL user for connecting to the MediaWiki database.

5. Configure mod_auth_mysql to use the MediaWiki user table for authentication by placing the follow directives in your Apache configuration file:



AuthName "This wiki is password protected (make sure the first letter of the username is Uppercase)"
AuthType Basic
require valid-user
AuthMySQLEnable On
AuthMySQLHost localhost
AuthMySQLUser unprivilegeduser
AuthMySQLPassword thesecretpassword
AuthMySQLDB mediawikidatabase
AuthMySQLUserTable user
AuthMySQLNameField user_name
AuthMySQLPasswordField user_password
AuthMySQLPwEncryption md5
AuthMySQLAuthoritative On

6. Restart Apache.

Your installation of MediaWiki should now be password-protected, but your username and password will let you in. This protects the entire wiki; no one will even know that MediaWiki is present until they login. To give other people access, you can either create user accounts for them, or you can create a guest account that they can use until they sign themselves up.

P.S. Thanks to Gary Thornock for helping me with the details of installing mod_auth_mysql on FreeBSD.

UPDATE (2008-09-11):
The latest version of MediaWiki (version 1.13) uses a new password format which is incompatible with mod_auth_mysql. It prepends “:A:” to each MD5 hash. Here is a workaround:

1. Create a MySQL view that mirrors the username and password, minus the prefix:
CREATE VIEW user_view AS SELECT user_id, user_name, substring_index(user_password, ':', -1) AS user_password FROM user;
2. Configure mod_auth_mysql to use user_view instead of user as the lookup table.

JungleDisk

Posted on by
4

JungleDisk is an online backup utility, similar to local favorite Mozy, that builds on Amazon’s S3 service. JungleDisk works with Windows, Mac, and Linux, with the added feature of letting you mount a disk on your computer. Simply copy to the disk all the files you want to backup and you’re done. The files are securely uploaded to S3 in the background, and storage is just $0.15 per gigabyte. I haven’t tried this yet, but I’ll certainly recommend this to my Mac-using friends.

JungleDisk – Reliable online storage powered by Amazon S3™

Source: Bruce Fryer at Phil Windley’s CTO Breakfast.

Mechanical Turk, CastingWords, Mycroft, and Mormon genealogy

Posted on by
2

This morning I listened to a fascinating podcast by Jon Udell in which he interviewed representatives from CastingWords and Mycroft, two companies that build on Tim O’Reilly’s Web 2.0 vision “harnessing collective intelligence”.

CastingWords is a podcast transcription service built on Amazon.com’s Mechanical Turk platform. CastingWords charges between $0.42 and $0.75 per minute to transcribe your audio. They in turn outsource the actual transcription labor to workers on the Mechanical Turk. The Mechanical Turk is interesting because it brings together “workers” and “employers” for microtasks. Nathan McFarland said that many of their “workers” do transcription while on the clock at other jobs, jobs that simply require a physical presence. Doing transcription work for CastingWords could provide a second income for stay-at-home moms, night security guards, or college students. This is particularly interesting for people that can speak a second language and could do translation. (For more on the Mechanical Turk, see my post on Empowering the disabled, poor, and distant.)

Mycroft is a Berkeley project that is producing puzzles and questions in the form of banner ads. The idea is that instead of simply displaying an advertisement, these banner ads allow user interaction. A user might be prompted to transcribe a line of text or describe a photo in their own words. While thesy may appear to be puzzles or games, the user is actually doing useful work, which “employers” will pay for. Benjamin Hill explains that there isn’t an easy way for blog readers to leave (monetary) “tips” for blogs they like, but they could contribute to a blog by completing a few tasks in a banner. (Click on the Mycroft link for an example.) It’s like washing the dishes at a restaurant when you can’t pay.

Both projects made me think of the Mormon church‘s genealogy efforts. Rumor has it that they intend to digitize and make searchable ALL of their genealogy archives and that a former Symantec executive has volunteered to help make it happen. That would, of course, requires massive amounts of data entry and double checking. I think the Mechanical Turk or Mycroft could be great platforms for making this happen.

In a Mormon ward a couple of years ago, I was assigned to be an “extraction worker”, meaning I had to transcribe genealogical records. I might be given, for example, death records from Alabama in the 1950′s and I had to type them into the program. But the software had to be installed on my machine and it was only available for Windows. My moving all of this labor to the Web, using a platform like the MTurk, people could do extraction work from any computer at any location, and it wouldn’t require you to go through the hassle of installing anything, which presumably means that any Church member could contribute a few minutes each Sunday instead of only the assigned extraction workers. This would also make the work available to members of other faiths who might have an equal interest in digitizing genealogy records.

Cool genealogy projects

Posted on by
Reply

Here are 3 cool genealogy projects from local Utahns:

  • WeRelate.org — WeRelate is a genealogy search engine. Founder Dallan Quass created Flipdog, a job search engine that was acquired by Monster.com, has taught at BYU, and worked in the Mormon church‘s genealogy department. WeRelate uses wiki technology to allow everyone to collaborate on names and places. In fact, the search engine uses this user-contributed intelligence to help it mine the Web for genealogy information.
  • MacPAF — MacPAF is a Mac OS X version of Personal Ancestral File, the Windows genealogy program published by the Church. MacPAF is being developed by BYU student and Apple computer guru Logan Allred.
  • Beyond — Beyond is “a cross-platform, open, free genealogy record manager that makes genealogy research easy and fun.” The developer is Ben Crowder, a BYU student who is building Beyond with the principles espoused by 37signals.com, such as simplicity, usability, and “less is more”. Ben also plans to develop Mac, Windows, and Linux clients for offline use.

I look forward to seeing the future of each of these projects!

Blurb.com

Posted on by
Reply

Last year we had the idea that it would be cool to print out and bind blog entries. A nice, leather-bound book could be a nice way to preserve (immortalize?) your blog. We looking into buying domains like Lifepedia.com and Lifebrary.com from their current owners, and we looked into local pricing on binding. But our interests took us elsewhere.

Today I learned of a company called Blurb that is doing this exact thing. You can create your own hard-bound book from your blog, recipes, photos, or stories. Looks like a great service.