Menu
▾
▴
phpwiki-talk
|
From: Bernd D. <b_d...@gm...> - 2002-02-08 12:44:31
|
hi,
is there someone out there who already has figures out user
authentication with an external user authentication script? i need it
for my diploma. i am study graphicdesign in germany. i need something
like a small tutorial because i am not an php-crack. the
authenticationclass should be able to register/login/logout/change
pass/lost password function and so on.
thanx for your help
regards
bernd
bernd duesmann | http://www.uploaders.de
01 77 . 2 82 17 30
|
|
From: Whit B. <wh...@tr...> - 2004-05-26 01:45:31
|
Hi all, I've got the current nightly and am trying to set up config.ini. Please excuse me for finding the comments cryptic ;/ - DBAUTH_AUTH_UPDATE is supposed to be set how for crypt'd passwords in SQL? I only see plaintext and database-hashed examples for this (at least by their labels). - Is the current status that ALLOW_ANON_USER set to true actually allows anon edits - even with ALLOW_ANON_EDIT set to fales? A comment hints at that, and I know there were problem reports a while back here on this, but I've missed whether it was resolved. Thanks, sorry for my confusion, Whit |
|
From: Whit B. <wh...@tr...> - 2004-05-28 18:17:30
|
Hi, Is there anyone running a recent version with SQL user verification who can share their configuration settings and experience? Have I overlooked documentation of this somewhere? My goal isn't any combination of authorization schemes, I just want to lock everything down to SQL, and require a moderator to approve all registrations. Whatever phpwiki can't do yet I'll code myself, but it seems like what it can do is way under-documented. Not a flaw for a work-in-progress, just a small hurdle I hope someone who already understands this end of it can give me a hand over - and we can stick the answer in the docs and config file comments so it's not there for the next person. Thanks, Whit On Tue, May 25, 2004 at 09:45:29PM -0400, Whit Blauvelt wrote: > Hi all, > > I've got the current nightly and am trying to set up config.ini. Please > excuse me for finding the comments cryptic ;/ > > - DBAUTH_AUTH_UPDATE is supposed to be set how for crypt'd passwords in SQL? I > only see plaintext and database-hashed examples for this (at least by their > labels). > > - Is the current status that ALLOW_ANON_USER set to true actually allows anon > edits - even with ALLOW_ANON_EDIT set to fales? A comment hints at that, and > I know there were problem reports a while back here on this, but I've missed > whether it was resolved. > > Thanks, sorry for my confusion, > Whit |
|
From: Lisa G. <lc...@sa...> - 2004-06-14 18:33:08
|
I am trying to use HttpAuth to authenticate through a Kerberos pop-up window. This is working fine - except for anything requiring administrative privileges. It is basically impossible to log on as the administrator. I have tried making the adminstrator an existing Kerberos user and a separate WikiWord. I've also tried many combinations of the user authentication options. No matter what, the adminstrative login won't 'stick'. Every page asks for the admin login, and actions done won't actually take effect (such as unlocking a page). It will default back to the Kerberos login. Any thoughts? Lisa |
|
From: Reini U. <ru...@x-...> - 2004-06-15 07:00:34
|
Lisa Glendenning schrieb: > I am trying to use HttpAuth to authenticate through a Kerberos pop-up > window. This is working fine - except for anything requiring > administrative privileges. It is basically impossible to log on as the > administrator. I have tried making the adminstrator an existing > Kerberos user and a separate WikiWord. I've also tried many > combinations of the user authentication options. No matter what, the > adminstrative login won't 'stick'. Every page asks for the admin login, > and actions done won't actually take effect (such as unlocking a page). > It will default back to the Kerberos login. Any thoughts? You are right. This is an overthought with HttpAuth. I would suggest to setup an Administrators group and add some user (not ADMIN_USER) to this group. This user will have Admin Permissions then, but not the special admin login method, which does not work for http auth (yet). I usually create this page: CategoryGroup * [Administrators] and this page: Administrators * MyAdminUser ---- CategoryGroup -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Reini U. <ru...@x-...> - 2004-06-16 09:19:33
|
Lisa Glendenning schrieb: > So what authentication method would this admin user be using and how > would I reflect this in config.ini? Any. > > On Tue, 2004-06-15 at 01:00, Reini Urban wrote: > >>Lisa Glendenning schrieb: >> >> >>>I am trying to use HttpAuth to authenticate through a Kerberos pop-up >>>window. This is working fine - except for anything requiring >>>administrative privileges. It is basically impossible to log on as the >>>administrator. I have tried making the adminstrator an existing >>>Kerberos user and a separate WikiWord. I've also tried many >>>combinations of the user authentication options. No matter what, the >>>adminstrative login won't 'stick'. Every page asks for the admin login, >>>and actions done won't actually take effect (such as unlocking a page). >>>It will default back to the Kerberos login. Any thoughts? >> >>You are right. This is an overthought with HttpAuth. >>I would suggest to setup an Administrators group and add some user (not >>ADMIN_USER) to this group. This user will have Admin Permissions then, >>but not the special admin login method, which does not work for http >>auth (yet). >> >>I usually create this page: >>CategoryGroup >> >>* [Administrators] >> >>and this page: >>Administrators >> >>* MyAdminUser >> >>---- >>CategoryGroup > > > > -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Lisa G. <lc...@sa...> - 2004-06-16 16:07:35
|
I've tried doing group method WIKIPAGE, the only text in the Administrator's page being * MyAdminUser ---- CategoryGroup In which case, although I have no idea how to set MyAdminUser's password, phpWiki seems to think that it is the password I set in config.ini for ADMIN_USER (which is a different WikiWord than MyAdminUser). If I sign out of my Kerberos login and sign in as MyAdminUser (using the ADMIN_USER password), then it will revert back to the Kerberos account on any action. If I click on one of the AdminPlugin buttons (i.e. in PhpWikiAdministration), which pops up a window asking for a password, and I enter the MyAdminUser login, then PhpWiki just hangs and doesn't change pages to anything. I've also tried having the entry in the Adminstrators page be a valid Kerberos login, which leads to the old problem of having to relogin every page. I've also tried having the group method be a flat file and run into the same problems. I am using version 1.3.10. I am really stuck, and if it is possible to make this work, I need step by step instructions for the config.ini and other files. If it is not possible to make this work, I will need to use a different wiki, although I've put in a lot of effort trying to make PhpWiki authentication work. On Wed, 2004-06-16 at 03:19, Reini Urban wrote: > Lisa Glendenning schrieb: > > So what authentication method would this admin user be using and how > > would I reflect this in config.ini? > > Any. > > > > > On Tue, 2004-06-15 at 01:00, Reini Urban wrote: > > > >>Lisa Glendenning schrieb: > >> > >> > >>>I am trying to use HttpAuth to authenticate through a Kerberos pop-up > >>>window. This is working fine - except for anything requiring > >>>administrative privileges. It is basically impossible to log on as the > >>>administrator. I have tried making the adminstrator an existing > >>>Kerberos user and a separate WikiWord. I've also tried many > >>>combinations of the user authentication options. No matter what, the > >>>adminstrative login won't 'stick'. Every page asks for the admin login, > >>>and actions done won't actually take effect (such as unlocking a page). > >>>It will default back to the Kerberos login. Any thoughts? > >> > >>You are right. This is an overthought with HttpAuth. > >>I would suggest to setup an Administrators group and add some user (not > >>ADMIN_USER) to this group. This user will have Admin Permissions then, > >>but not the special admin login method, which does not work for http > >>auth (yet). > >> > >>I usually create this page: > >>CategoryGroup > >> > >>* [Administrators] > >> > >>and this page: > >>Administrators > >> > >>* MyAdminUser > >> > >>---- > >>CategoryGroup > > > > > > > > > |
|
From: Reini U. <ru...@x-...> - 2004-06-21 17:58:09
|
Lisa Glendenning schrieb: > I wasn't sure if you saw this post, since I didn't see it sent to the > mailing list. > > I"ve tried doing group method WIKIPAGE, the only text in the > Administrator"s page being > > * MyAdminUser > > ---- > > CategoryGroup > > In which case, although I have no idea how to set MyAdminUser"s > password, phpWiki seems to think that it is the password I set in > config.ini for ADMIN_USER (which is a different WikiWord than > MyAdminUser). If I sign out of my Kerberos login and sign in as > MyAdminUser (using the ADMIN_USER password), then it will revert back to > the Kerberos account on any action. What is a kerberos login? We don't support kerberos auth so far to my knowledge. Ah, I see HttpAuth! HttpAuth is a hack and not very well tested yet. This might be the reason for your problems. I'll check it soon. The default password for new users is empty. However if you define a new user by adding him implictly at login with userid and password (which you did) he gets this new password. You can always change a password that at UserPreferences. (fixed with Revision 1.93 2004/06/15 09:15:52 > If I click on one of the > AdminPlugin buttons (i.e. in PhpWikiAdministration), which pops up a > window asking for a password, and I enter the MyAdminUser login, then > PhpWiki just hangs and doesn"t change pages to anything. > I"ve also tried having the entry in the Adminstrators page be a valid > Kerberos login, which leads to the old problem of having to relogin > every page. I"ve also tried having the group method be a flat file and > run into the same problems. > > I am using version 1.3.10. > > I am really stuck, and if it is possible to make this work, I need step > by step instructions for the config.ini and other files. If it is not > possible to make this work, I will need to use a different wiki, > although I"ve put in a lot of effort trying to make PhpWiki > authentication work. > > On Wed, 2004-06-16 at 03:19, Reini Urban wrote: > >>Lisa Glendenning schrieb: >> >>>So what authentication method would this admin user be using and how >>>would I reflect this in config.ini? >> >>Any. >> >> >>>On Tue, 2004-06-15 at 01:00, Reini Urban wrote: >>>>Lisa Glendenning schrieb: >>>>>I am trying to use HttpAuth to authenticate through a Kerberos pop-up >>>>>window. This is working fine - except for anything requiring >>>>>administrative privileges. It is basically impossible to log on as the >>>>>administrator. I have tried making the adminstrator an existing >>>>>Kerberos user and a separate WikiWord. I've also tried many >>>>>combinations of the user authentication options. No matter what, the >>>>>adminstrative login won't 'stick'. Every page asks for the admin login, >>>>>and actions done won't actually take effect (such as unlocking a page). >>>>>It will default back to the Kerberos login. Any thoughts? >>>> >>>>You are right. This is an overthought with HttpAuth. >>>>I would suggest to setup an Administrators group and add some user (not >>>>ADMIN_USER) to this group. This user will have Admin Permissions then, >>>>but not the special admin login method, which does not work for http >>>>auth (yet). >>>> >>>>I usually create this page: >>>>CategoryGroup >>>> >>>>* [Administrators] >>>> >>>>and this page: >>>>Administrators >>>> >>>>* MyAdminUser >>>> >>>>---- >>>>CategoryGroup >>> >>> >>> >>> > > > -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Adam S. <ad...@pe...> - 2002-02-08 17:16:08
|
> is there someone out there who already has figures out user > authentication with an external user authentication script? i need it > for my diploma. i am study graphicdesign in germany. i need something > like a small tutorial because i am not an php-crack. the > authenticationclass should be able to register/login/logout/change > pass/lost password function and so on. phpwiki doesn't currently support authentication logins. partly because the developers haven't gotten to it yet and partly because it's not very "wiki" and has been low priority. you could probalby do this by setting up your webserver to authenticate users before they entered the wiki but i'm not sure how cleanly that would integrate with phpwiki (it would work though). if you need a wiki which supports full user authentication natively you should check out twiki.org which is a perl based wiki mostly used for intranets. adam. |
|
From: Bernd D. <b_d...@gm...> - 2002-02-09 12:39:17
|
hi adam, thanks for your answer. >> is there someone out there who already has figures out user >> authentication with an external user authentication script? i need it >> for my diploma. i am study graphicdesign in germany. i need something >> like a small tutorial because i am not an php-crack. the >> authenticationclass should be able to register/login/logout/change >> pass/lost password function and so on. > > phpwiki doesn't currently support authentication logins. partly because > the developers haven't gotten to it yet and partly because it's not very > "wiki" and has been low priority. i know that userauthentication is very unwiki. but for my diploma i need a wiki that supports user authentication. i have heard, that it is not so hard to manag user authentication with an existing library. but my php-skills are not enough. > you could probalby do this by setting > up your webserver to authenticate users before they entered the wiki but > i'm not sure how cleanly that would integrate with phpwiki (it would > work though). my idea is, that everyone can read the wiki. but if they want to edit they have to register with their emailadress. > if you need a wiki which supports full user authentication natively you > should check out twiki.org which is a perl based wiki mostly used for > intranets. i have taken a look on twiki. i am on a virtual webserver and twiki needs different entries in httpd.conf and requires that cgi scripts can be executed from everywhere. so it will not run on my server and my perl-skills are lower then my php-skills ;) so if anyone has figured out how userauthentication works it would be very usefull for me. bernd bernd duesmann | http://www.uploaders.de 01 77 . 2 82 17 30 |
|
From: Jeff D. <da...@da...> - 2002-02-09 17:33:47
|
Bernd Duesmann said:
> so if anyone has figured out how userauthentication works it would be
> very usefull for me.
If you want to try hacking it in yourself, here's some vague hints as to
where to start (PhpWiki 1.3 CVS):
As has been noted, PhpWiki currently has no support at all for
registering or keeping track of users, so you'll have to figure
out a way to do that...
To hook into PhpWiki's login/authentication mechanism:
All user logins/signins go through WikiUser::_pwcheck(). This method
checks the provided username and password. Currently it returns one
of three values:
WIKIAUTH_ADMIN: if the username and password are those of the
administrator.
WIKIAUTH_BOGO: if bogo-login's are allowed, and the username is
of a suitable format.
false: Bad username or password. Login fails.
You want to modifiy this method so that it can also return:
WIKIAUTH_USER: username and password match that of a valid
registered user.
If you do this, it should "just work" (hah). But I haven't really
tried it, so it may well not. If you have trouble with that part,
let me know, and I'd be happy to help debug.
|
|
From: Bernd D. <b_d...@gm...> - 2002-02-10 15:57:56
|
Am Samstag den, 9. Februar 2002, um 18:33, schrieb Jeff Dairiki:
>> so if anyone has figured out how userauthentication works it would be
>> very usefull for me.
>
> If you want to try hacking it in yourself, here's some vague hints as to
> where to start (PhpWiki 1.3 CVS):
because of my poor php-skills i am not able to do it for myself. is
there something like a plan when userauthentication will be supported in
phpwiki? in the next 2 months? or will it take a year?
greets
bernd :)
bernd duesmann | http://www.uploaders.de
01 77 . 2 82 17 30
|
|
From: Reini U. <ru...@x-...> - 2002-02-11 18:17:40
|
Bernd Duesmann schrieb: > because of my poor php-skills i am not able to do it for myself. is > there something like a plan when userauthentication will be supported in > phpwiki? in the next 2 months? or will it take a year? in the next two months. if not someone else I will do it. I will also do group permissions as explained in http://phpwiki.sourceforge.net/phpwiki/WikiPageMailBoxFormat * index.php constant for enable_user_auth_email_check, default: false * on bogo login ask for username, password and email. * send an email with a unique request_id to ask if subscription was correct. * procmail script in .forward to a special page which enables the account. I think the existing plugin for phpnuke does the same. -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ http://tv.mur.at/ (kulturelles) |
|
From: Bernd D. <b_d...@gm...> - 2002-02-11 22:04:32
|
Am Montag den, 11. Februar 2002, um 19:17, schrieb Reini Urban:
> in the next two months.
wow, cool.
i am reading =BBthe wiki way=AB (Bo Leuf, Ward Cunningham) at the =
moment.=20
very interesting.
bernd
bernd duesmann | http://www.uploaders.de
01 77 . 2 82 17 30
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X