From: Joby W. <joby@u.washington.edu> - 2002-10-02 06:53:23
|
Reini, Since you seem to be heading up the modifications to the user authentication system, I thought I would run by you two more options I would like to add. 1) a new login method (currently PUBCOOKIE_LOGIN): this will allow end user to use the University of Washington's Pubcookie system. When using Pubcookie the end user accesses a web site he is forced to authenticate at a central site, and the central login site then guarantees the authentication to the web site. Thus the end user's password is never available to the web site, and allowing a unified login structure for an organization. The only check is that $HTTP_SERVER_VARS['REMOTE_USER'] is guaranteed to be set and correct. 2) no admin account (ADMIN_GROUP): this would grant to specific users WIKIAUTH_ADMIN privilages. With this enabled there is no admin account, but certain users have administrative privilages. With this modifications can be tracked by user. jbw |