Re: [Phpwiki-talk] user authentication

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Lisa Glendenning schrieb:
> I wasn't sure if you saw this post, since I didn't see it sent to the
> mailing list.
> 
> I"ve tried doing group method WIKIPAGE, the only text in the
>  Administrator"s page being
>  
>  * MyAdminUser
>  
>  ----
>  
>  CategoryGroup
>  
>  In which case, although I have no idea how to set MyAdminUser"s
>  password, phpWiki seems to think that it is the password I set in
>  config.ini for ADMIN_USER (which is a different WikiWord than
>  MyAdminUser).  If I sign out of my Kerberos login and sign in as
>  MyAdminUser (using the ADMIN_USER password), then it will revert back to
>  the Kerberos account on any action.  

What is a kerberos login? We don't support kerberos auth so far to my 
knowledge. Ah, I see HttpAuth!

HttpAuth is a hack and not very well tested yet. This might be the 
reason for your problems. I'll check it soon.

The default password for new users is empty. However if you define a new 
user by adding him implictly at login with userid and password (which 
you did) he gets this new password.
You can always change a password that at UserPreferences.
(fixed with Revision 1.93  2004/06/15 09:15:52

> If I click on one of the
>  AdminPlugin buttons (i.e. in PhpWikiAdministration), which pops up a
>  window asking for a password, and I enter the MyAdminUser login, then
>  PhpWiki just hangs and doesn"t change pages to anything.

>  I"ve also tried having the entry in the Adminstrators page be a valid
>  Kerberos login, which leads to the old problem of having to relogin
>  every page.  I"ve also tried having the group method be a flat file and
>  run into the same problems.  
>  
>  I am using version 1.3.10.
>  
>  I am really stuck, and if it is possible to make this work, I need step
>  by step instructions for the config.ini and other files.  If it is not
>  possible to make this work, I will need to use a different wiki,
>  although I"ve put in a lot of effort trying to make PhpWiki
>  authentication work.  
> 
> On Wed, 2004-06-16 at 03:19, Reini Urban wrote:
> 
>>Lisa Glendenning schrieb:
>>
>>>So what authentication method would this admin user be using and how
>>>would I reflect this in config.ini?
>>
>>Any.
>>
>>
>>>On Tue, 2004-06-15 at 01:00, Reini Urban wrote:
>>>>Lisa Glendenning schrieb:
>>>>>I am trying to use HttpAuth to authenticate through a Kerberos pop-up
>>>>>window.  This is working fine - except for anything requiring
>>>>>administrative privileges.  It is basically impossible to log on as the
>>>>>administrator.  I have tried making the adminstrator an existing
>>>>>Kerberos user and a separate WikiWord.  I've also tried many
>>>>>combinations of the user authentication options.  No matter what, the
>>>>>adminstrative login won't 'stick'.  Every page asks for the admin login,
>>>>>and actions done won't actually take effect (such as unlocking a page). 
>>>>>It will default back to the Kerberos login.  Any thoughts?
>>>>
>>>>You are right. This is an overthought with HttpAuth.
>>>>I would suggest to setup an Administrators group and add some user (not 
>>>>ADMIN_USER) to this group. This user will have Admin Permissions then, 
>>>>but not the special admin login method, which does not work for http 
>>>>auth (yet).
>>>>
>>>>I usually create this page:
>>>>CategoryGroup
>>>>
>>>>* [Administrators]
>>>>
>>>>and this page:
>>>>Administrators
>>>>
>>>>* MyAdminUser
>>>>
>>>>----
>>>>CategoryGroup
>>>
>>>
>>>
>>>
> 
> 
> 

-- 
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/