Robert Dodier schrieb:
> I have another security-related question. This mailing list
> doesn't appear to be archived, and reading through the FAQ,
> change log, and index.php, I wasn't able to resolve this
> question, so here it is.
>
> How does one set up PhpWiki internal authentication?
> (Assuming that there is such a thing.)
>
> I've tried some permutations of the settings in index.php --
> specifically ALLOW_USER_LOGIN, ALLOW_BOGO_LOGIN, and
> REQUIRE_SIGNIN_BEFORE_EDIT. It seems that setting these to
> true, false, and true, respectively, would invoke authentication.
> But how are usernames and passwords assigned? I don't see
> a "Create User" or whatever on the wiki administration page.
>
> Can username/password pairs be created by some MySQL commands?
> There are some comments about that in index.php, but they
> seem to apply specifically to IMAP authentication.
the code in index.php relates to the upcoming auth code which is
currently rewritten.
the current version supports:
internal auth: ALLOW_BOGO_LOGIN and REQUIRE_SIGNIN_BEFORE_EDIT
external auth: LDAP, IMAP
REQUIRE_SIGNIN_BEFORE_EDIT stores the password either in the cookie or
the metadata of the users homepage. (if it exists)
ALLOW_BOGO_LOGIN asks for no password, it just requires that the
username is valid wikiword. then access is granted.
the upcoming release will supports more external auth and preferences:
http auth, database, files.
> I'm trying to figure out a simple scheme for assigning
> usernames and passwords. Any advice that you might have is
> greatly appreciated. PhpWiki rocks! Thanks for creating
> such a great project.
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/
|
