This MediaWiki extension aims to provide authentication via the webserver's REMOTE_AUTH (i.e. with kerberos) functionality.
It relies on the extension PluggableAuth.
After you installed the extension, you have to configure your webserver for remote authentication to match on the special page AuthRemoteUser.
<LocationMatch ".*/index\.php">
<If "%{QUERY_STRING} =~ /title=[^:]+:AuthRemoteUser/">
SSLRequireSSL
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate On
KrbMethodK5Passwd Off
KrbAuthoritative on
KrbAuthRealms <your krb realms>
KrbVerifyKDC on
Krb5KeyTab /etc/keytabs/krb5.keytab.HTTP
require valid-user
</If>
</LocationMatch>
Note: even, if you are using Short URL schema, you have to match against index.php?title=, because the authentication special page is accessed internally with the original linking schema.
For bug reports and feature requests please see, if it is already reported on the list of open bugs. If not, report it.
For general questions, comments, or suggestions you might use the talk page on MediaWiki.org. For direct contact with the author please use the Email functionality on MediaWiki.org.