Re: [Phpwiki-talk] user authentication

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I've tried doing group method WIKIPAGE, the only text in the
Administrator's page being

* MyAdminUser

----

CategoryGroup

In which case, although I have no idea how to set MyAdminUser's
password, phpWiki seems to think that it is the password I set in
config.ini for ADMIN_USER (which is a different WikiWord than
MyAdminUser).  If I sign out of my Kerberos login and sign in as
MyAdminUser (using the ADMIN_USER password), then it will revert back to
the Kerberos account on any action.  If I click on one of the
AdminPlugin buttons (i.e. in PhpWikiAdministration), which pops up a
window asking for a password, and I enter the MyAdminUser login, then
PhpWiki just hangs and doesn't change pages to anything.

I've also tried having the entry in the Adminstrators page be a valid
Kerberos login, which leads to the old problem of having to relogin
every page.  I've also tried having the group method be a flat file and
run into the same problems.  

I am using version 1.3.10.

I am really stuck, and if it is possible to make this work, I need step
by step instructions for the config.ini and other files.  If it is not
possible to make this work, I will need to use a different wiki,
although I've put in a lot of effort trying to make PhpWiki
authentication work.  

On Wed, 2004-06-16 at 03:19, Reini Urban wrote:
> Lisa Glendenning schrieb:
> > So what authentication method would this admin user be using and how
> > would I reflect this in config.ini?
> 
> Any.
> 
> > 
> > On Tue, 2004-06-15 at 01:00, Reini Urban wrote:
> > 
> >>Lisa Glendenning schrieb:
> >>
> >>
> >>>I am trying to use HttpAuth to authenticate through a Kerberos pop-up
> >>>window.  This is working fine - except for anything requiring
> >>>administrative privileges.  It is basically impossible to log on as the
> >>>administrator.  I have tried making the adminstrator an existing
> >>>Kerberos user and a separate WikiWord.  I've also tried many
> >>>combinations of the user authentication options.  No matter what, the
> >>>adminstrative login won't 'stick'.  Every page asks for the admin login,
> >>>and actions done won't actually take effect (such as unlocking a page). 
> >>>It will default back to the Kerberos login.  Any thoughts?
> >>
> >>You are right. This is an overthought with HttpAuth.
> >>I would suggest to setup an Administrators group and add some user (not 
> >>ADMIN_USER) to this group. This user will have Admin Permissions then, 
> >>but not the special admin login method, which does not work for http 
> >>auth (yet).
> >>
> >>I usually create this page:
> >>CategoryGroup
> >>
> >>* [Administrators]
> >>
> >>and this page:
> >>Administrators
> >>
> >>* MyAdminUser
> >>
> >>----
> >>CategoryGroup
> > 
> > 
> > 
> > 
> 