Skip to content


Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Shibboleth authentication backend for DokuWiki

Important note: This authentication backend is compatible with DokuWiki versions up to 2013-05-10 "Weatherwax". For newer versions use the Shibboleth Authentication Plugin.

DokuWiki is a flexible and simple wiki system written in PHP. Shibboleth is widely used open-source implementation of SAML. DokuWiki supports different authentication backends. It is very easy to write an alternative authentication backend and integrate it into DokuWiki.

This backend uses a Shibboleth session to authenticate users. It just takes all required information from the environment variables injected by Shibboleth (user attributes sent by the identity provider).


  • PHP 5.x
  • Shibboleth SP 2.x (mostly as Apache module)
  • DokuWiki 2012-10-13 “Adora Belle” or older


  1. Clone the repository and place it anywhere on your system.
  2. Copy auth/backend/shib.class.php into DOKUWIKI_HOME/inc/auth

DokuWiki configuration

The only required part is to put the following line into your conf/local.php configuration file:

$conf['authtype'] = 'shib';

But you would probably want to specify more parameters. Look into the attached example configuration dokushib/auth/conf/example-shibauth-conf.php, all directives are listed and explained there. You may put your configuration right into your conf/local.php or in a separate file and include it in conf/local.php.

Shibboleth configuration

You need Shibboleth SP 2.x installed. In Apache you have to configure Shibboleth to protect your DokuWiki directory:

<Directory "/var/www/site/dokuwiki/">
  AuthType shibboleth
  ShibRequireSession On
  require valid-user

If you want to use lazy sessions (optional login, thus allowing anonymous access), you'll use this instead of the above:

<Directory "/var/www/sites/dokuwiki/">
  AuthType shibboleth
  require shibboleth

And of course, you need to allow lazy sessions in your configuration, see the example configuration file. Now, your site doesn't require authentication by default. To authenticate a user, an explicit session initiation is required. You need to replace the standard DokuWiki login link with the Shibboleth login handler link (something like /Shibboleth.sso/Login?target=...). Or you may use the Shibboleth login plugin, which does that for you.

Shibboleth login plugin

It's a simple plugin, which intercepts the DokuWiki login action and fires Shibboleh session initiation instead. To install it, just copy dokushib/plugin/shiblogin directory into DOKUWIKI_HOME/lib/plugins. By default, the plugin will call this link:


You can modify this by setting some of the configuration directives, see the example configuration in dokushib/plugin/conf/example-shibplugin-conf.php.


Shibboleth authentication backend for DokuWiki






No packages published