Great project! I have been using LDAP authentication provided by my Windows 2003 domain, and have noticed something annoying; Each time I edit a page, I get prompted for my credentials. Is this normal, or should my creds be persistent for the session?
TIA!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Tinkering a bit more, it seems that I can't use LDAP group authentication against my w2k3 server because the attribute gidNumber is not present in the group properties. Failing adding that to each group, I thought I would experiment with WIKIPAGE groups.
I've set up a [Management] page, and it looks like this:
dick jane
*spot
[CategoryPage]
and also added users in the same way to the Administrators page.
Then removed Authenticated Users View rights to a page, and added the Administrators group to that ACL, but it doesn't seem to stick. Here is my ACL for the page (incidentally, I've locked the admin out of this page, but can still get to it using PageName??action=setacl):
Great project! I have been using LDAP authentication provided by my Windows 2003 domain, and have noticed something annoying; Each time I edit a page, I get prompted for my credentials. Is this normal, or should my creds be persistent for the session?
TIA!
Found my own problem. I had GROUP_METHOD = LDAP, and really not convinced I had it setup right. I set it to NONE, and my re-prompt issue went away.
YAY!
Tinkering a bit more, it seems that I can't use LDAP group authentication against my w2k3 server because the attribute gidNumber is not present in the group properties. Failing adding that to each group, I thought I would experiment with WIKIPAGE groups.
I've set up a [Management] page, and it looks like this:
dick
jane
*spot
[CategoryPage]
and also added users in the same way to the Administrators page.
Then removed Authenticated Users View rights to a page, and added the Administrators group to that ACL, but it doesn't seem to stick. Here is my ACL for the page (incidentally, I've locked the admin out of this page, but can still get to it using PageName??action=setacl):
view:-_AUTHENTICATED,-_BOGOUSER,_ADMIN; edit:-_AUTHENTICATED,-_BOGOUSER; create:-_AUTHENTICATED,-_BOGOUSER; list:_EVERY; remove:_ADMIN,_OWNER; change:_ADMIN,_OWNER; dump:_EVERY
What have I done?