00010: user-based authorization
Description: Many sites would like to have authentication by user instead of by shared passwords (as PmWiki does now by default).
And quite nicely too. I would like to see the 'official' specification extended in two ways:
- support for user groups, so that permissions can be granted to a group as well as a user (it should be possible to make users members of multiple groups)
- support for exclusion-permissions, i.e. if a user has read_all or edit_PageNameGroup, it should be possible to set permissions like noread_group-`PageGroup or noedit_page-`PageName (using notation similar to Cookbook/UserAuth) - only admin would beat noread or noedit. Presumably for competing permissions at the same level the 'permissive' one should win. shi
Urmil: I wrote a wrapper code that handles authorization and disables edit/post/... actions if the user is not authorized. The script is simple (and to be ported for PmWiki2), but doesn't support page / group wise restrictions. Please keep this in mind if you write authorization script.
Also, it will be good if there is an option to use username / password from Apache style .htpasswd file.
I use HTTP-Authentication for user management on some PmWiki wikis that run on Apache servers. I wrote a Quick Step Guide with instructions on how to setup authentication using .htaccess / .htpasswd. It's easy once you get the hang of it.
Author tracking is enforced by the following line in the (PmWiki ver. 1) local configuration file.
I use the SiteAdmin.AuthUser page to create user accounts at my wiki. Now, I have three on there now (big site, really). Two I created some time ago (like 2 years ago, or something) that are functioning correctly, but a third that I've recently created, and I can't get this guy working. I have entered and re-entered various times, the same as for the others:
- username $1$o4iUYvYF$cZh46pfprMsAIDEhRs.kQ1
and the guy can't get in with the assigned username and password.
I am confused by this.
This site is running pmwiki-2.2.27 (VersionNum=2002027).
tonybaldwin September 24, 2011, at 02:36 PM
It is not
# username $1$password but
username: $1$password, that is no # at the beginning of the line, and a column after the username. --Petko September 24, 2011, at 03:09 PM
Yes, sir, you are correct, and I regret neglecting the : here, but I do have that on my site with the colon. tonybaldwin September 25, 2011, at 10:53 AM