Hello Reini,
Thanks very much for your comments. You wrote in part:
-------- begin quotation --------
the current version supports:
internal auth: ALLOW_BOGO_LOGIN and REQUIRE_SIGNIN_BEFORE_EDIT
external auth: LDAP, IMAP
REQUIRE_SIGNIN_BEFORE_EDIT stores the password either in the cookie or
the metadata of the users homepage. (if it exists)
ALLOW_BOGO_LOGIN asks for no password, it just requires that the
username is valid wikiword. then access is granted.
--------- end quotation ---------
What I don't understand here, is how the passwords are
assigned for REQUIRE_SIGNIN_BEFORE_EDIT. That password which
is stored in a cookie or metadata -- where did it comes from?
It seems that to get nontrivial authentication it is necessary
to set ALLOW_BOGO_LOGIN to "false". Otherwise, anyone can log
in with no password, which seems to defeat the purpose of
REQUIRE_SIGNIN_BEFORE_EDIT.
Thanks again for your help. I appreciate it very much!
Robert Dodier
__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus
|
