Menu
▾
▴
phpwiki-talk
|
From: Tom E. <ro...@te...> - 2005-08-22 08:40:36
|
Hi all, I've just installed the new 3.11rc3 hoping that my authentication issue would be resolved, but I still have the following problem: I go the the wiki. In the footer, is sais "You are signed but not authenticated as teicher. " I think it recognizes me because I have protected this (personal) wiki behind an apache2 BasicAuth. (Although I have nothing like HttpAuth configure in the wiki) I click "Sign in As". I enter the name and password defined for admin in the config.ini Now I am admin " Authenticated as teicher" But when I now click any other link (like, the home page icon again), I become unauthenticated "You are signed but not authenticated as teicher." I don't really need auth on my personal wiki, however that defers me from using any admin features, like "restore", "lock". ... Some excepts from my config below. Can someone please give me some hints, or give instructions on how to get more useful information for you folks ? Any help appreciated! - Thanks! Tom. I fiddled with most obviously related settings, but the behaviour would never change. (Until I disallow anon stuff, but than I am redirected to the login page after any 1st page view...) ... WIKI_NAME = TeicherWiki ... ADMIN_USER=teicher ; ADMIN_PASSWD is ignored on HttpAuth ADMIN_PASSWD="MyPwd" ... ENCRYPTED_PASSWD = false ... DATABASE_TYPE = file ; NOTE: had DBA before, but switched since SuSE online security update ; always killed my php gdbm ... ... DATABASE_PREFIX = phpwiki_ ... DATABASE_SESSION_TABLE = session ... DATABASE_DIRECTORY = /export/wikidb/files ... SESSION_SAVE_PATH = /export/wikidb/session ; NOTE: I see files created there ... should be ok... ... ALLOW_ANON_USER = true ALLOW_ANON_EDIT = true ALLOW_BOGO_LOGIN = true ALLOW_USER_PASSWORDS = true USER_AUTH_ORDER = "PersonalPage" USER_AUTH_POLICY = stacked AUTH_SESS_USER = phpwikiuserid ... AUTH_SESS_LEVEL = 2 ; NOTE: 1 didn't help... ... GROUP_METHOD = "NONE" ... -- teicher.net - Guaranteed to be free of any useable content. |
|
From: Stefan <son...@ba...> - 2005-08-22 10:01:38
|
Hi Tom,
try to change this
here is the mail i wrote some weeks ago
zip =============================================
when entering an access restricted web site on apache (.htaccess) you
have to login with userid and password. after doing this you always get
logged out from phpwiki when using as example Db auth.
This is fixed when changing this lines from top to down of function
_deduceUsername() in main.php.
if (!empty($HTTP_SERVER_VARS['PHP_AUTH_USER']))
return $HTTP_SERVER_VARS['PHP_AUTH_USER'];
if (!empty($HTTP_ENV_VARS['REMOTE_USER']))
return $HTTP_ENV_VARS['REMOTE_USER'];
----------------------------------
function _deduceUsername() {
global $HTTP_SERVER_VARS, $HTTP_ENV_VARS;
============ Delete =====================
if (!empty($HTTP_SERVER_VARS['PHP_AUTH_USER']))
return $HTTP_SERVER_VARS['PHP_AUTH_USER'];
if (!empty($HTTP_ENV_VARS['REMOTE_USER']))
return $HTTP_ENV_VARS['REMOTE_USER'];
========== End Delete ====================
if (!empty($this->args['auth']) and
!empty($this->args['auth']['userid']))
return $this->args['auth']['userid'];
if ($user = $this->getSessionVar('wiki_user')) {
// switched auth between sessions.
// Note: There's no way to demandload a missing
class-definition afterwards! (Stupid php)
if (isa($user, WikiUserClassname())) {
$this->_user = $user;
$this->_user->_authhow = 'session';
return ENABLE_USER_NEW ? $user->UserName() : $this->_user;
}
}
if ($userid = $this->getCookieVar('WIKI_ID')) {
if (!empty($userid) and substr($userid,0,2) != 's:') {
$this->_user->authhow = 'cookie';
return $userid;
}
}
if ($this->getArg('action') == 'xmlrpc') { // how about SOAP?
// wiki.putPage has special otional userid/passwd arguments.
check that later.
$userid = '';
if (isset($HTTP_SERVER_VARS['REMOTE_USER']))
$userid = $HTTP_SERVER_VARS['REMOTE_USER'];
elseif (isset($HTTP_SERVER_VARS['REMOTE_ADDR']))
$userid = $HTTP_SERVER_VARS['REMOTE_ADDR'];
elseif (isset($HTTP_ENV_VARS['REMOTE_ADDR']))
$userid = $HTTP_ENV_VARS['REMOTE_ADDR'];
elseif (isset($GLOBALS['REMOTE_ADDR']))
$userid = $GLOBALS['REMOTE_ADDR'];
return $userid;
}
=============== INSERT ===========
if (!empty($HTTP_SERVER_VARS['PHP_AUTH_USER']))
return $HTTP_SERVER_VARS['PHP_AUTH_USER'];
if (!empty($HTTP_ENV_VARS['REMOTE_USER']))
return $HTTP_ENV_VARS['REMOTE_USER'];
============== End Insert =============
return false;
}
end zip ===============================================================
Tom Eicher schrieb:
>
> Hi all,
>
> I've just installed the new 3.11rc3 hoping that my authentication
> issue would be resolved, but I still have the following problem:
>
> I go the the wiki. In the footer, is sais
> "You are signed but not authenticated as teicher. "
>
> I think it recognizes me because I have protected this
> (personal) wiki behind an apache2 BasicAuth.
> (Although I have nothing like HttpAuth configure in the
> wiki)
> I click "Sign in As".
> I enter the name and password defined for admin in the config.ini
> Now I am admin " Authenticated as teicher"
>
> But when I now click any other link (like, the home page
> icon again), I become unauthenticated
> "You are signed but not authenticated as teicher."
>
> I don't really need auth on my personal wiki, however
> that defers me from using any admin features, like
> "restore", "lock". ...
>
> Some excepts from my config below.
>
> Can someone please give me some hints, or give instructions
> on how to get more useful information for you folks ?
>
> Any help appreciated! - Thanks!
> Tom.
>
> I fiddled with most obviously related settings, but the
> behaviour would never change. (Until I disallow anon stuff,
> but than I am redirected to the login page after any 1st
> page view...)
> ...
> WIKI_NAME = TeicherWiki
> ...
> ADMIN_USER=teicher
> ; ADMIN_PASSWD is ignored on HttpAuth
> ADMIN_PASSWD="MyPwd"
> ...
> ENCRYPTED_PASSWD = false
> ...
> DATABASE_TYPE = file
> ; NOTE: had DBA before, but switched since SuSE online security update
> ; always killed my php gdbm ...
> ...
> DATABASE_PREFIX = phpwiki_
> ...
> DATABASE_SESSION_TABLE = session
> ...
> DATABASE_DIRECTORY = /export/wikidb/files
> ...
> SESSION_SAVE_PATH = /export/wikidb/session
> ; NOTE: I see files created there ... should be ok...
> ...
> ALLOW_ANON_USER = true
> ALLOW_ANON_EDIT = true
> ALLOW_BOGO_LOGIN = true
> ALLOW_USER_PASSWORDS = true
> USER_AUTH_ORDER = "PersonalPage"
> USER_AUTH_POLICY = stacked
> AUTH_SESS_USER = phpwikiuserid
> ...
> AUTH_SESS_LEVEL = 2
> ; NOTE: 1 didn't help...
> ...
> GROUP_METHOD = "NONE"
> ...
>
>
>
>
>
|
|
From: Tom E. <ro...@te...> - 2005-08-24 18:53:16
|
Hello,
for 1.3.11rc3, the code looked a bit different because there
where 3 checks for such variables, not 2, but yes, it works
now for me. THANK YOU!
I hope this fix will be (or is already) in the next releases.
Cheers, Tom.
// if (!empty($HTTP_SERVER_VARS['PHP_AUTH_USER']))
// return $HTTP_SERVER_VARS['PHP_AUTH_USER'];
// pubcookie et al
// if (!empty($HTTP_SERVER_VARS['REMOTE_USER']))
// return $HTTP_SERVER_VARS['REMOTE_USER'];
// if (!empty($HTTP_ENV_VARS['REMOTE_USER']))
// return $HTTP_ENV_VARS['REMOTE_USER'];
--
teicher.net - Guaranteed to be free of any useable content.
|
|
From: Reini U. <ru...@x-...> - 2005-08-24 19:03:29
|
It's in my larger patch to commit, when I have some spare time. > for 1.3.11rc3, the code looked a bit different because there > where 3 checks for such variables, not 2, but yes, it works > now for me. THANK YOU! > I hope this fix will be (or is already) in the next releases. -- Reini Urban http://phpwiki.org/ http://xarch.tu-graz.ac.at/home/rurban/ |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X