Gerald Lucas schrieb:
> Thanks for such a wonderful product. As an educator, I'm excited to
> begin experimenting with my first wiki in the classroom.
>
> I do have an issue that does not want to be resolved. I've looked
> through the FAQ and READMEs, but cannot find anything that addresses
> my problem. When I attempt to login, I receive:
>
> DEBUG: ALLOW_ANON_EDIT = false, ALLOW_BOGO_LOGIN = true,
> ALLOW_USER_PASSWORDS = true USER_AUTH_ORDER: PersonalPage => Db =>
> Forbidden, USER_AUTH_POLICY: old, PASSWORD_LENGTH_MINIMUM: 5
>
> My admin account logs in just fine, and others do, too, without
> passwords. However, when I try to give one of those a password, it
> will not save it. I'm trying to store passwords in the MySQL database,
> but I don't see why the PersonalPage does not seem to work. I've
> checked ownership and permissions on the directory, but to no avail.
they are not checked.
> Any ideas? Thanks.
Ok; I'll have to add this to doc/README.phpwiki-auth
* __~PersonalPage__: Store passwords in the users homepage metadata
(simple)
If users have not created a PersonalPage, they can still access their
UserPreferences, and change their passwords, but the authmethod doesn't
not know where to get and store this password, so it will fail.
Same with prefs storage.
The password is read from the first AuthMethod in $USER_AUTH_ORDER,
checked and if it fails, the next methods are tried according the rules
(= policy) in USER_AUTH_POLICY.
"old" is kind of unpredictable. old uses strange automatic rules from
the previous versions.
I would suggest "stacked", since tries all available methods until it
succeeds. "strict" is more secure.
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/
|
