[pmwiki-users] htpasswdForm
Sameer Kumar
skumar at eharch.com
Thu Jul 26 09:30:12 CDT 2007
~~~Another question:
If I do use SSPI, will the author related features in PmWiki still work
as before? For example, Profiles.author pages, authorrequired, etc.??
On 7/26/07, Sameer Kumar <skumar at eharch.com> wrote:
> Dominique,
>
> I have tried and could not get sspi to work; I don't know enough about
> apache or sspi and am giving up on it.
I already manage to make it work successfully, defining a 'protected'
directory containing following files:
~~~What does 'protected' directory mean?? Is it the main pmwiki
directory? Is it the home directory of the website? Or is it a new
directory that is called 'protected'?? where is this new directory
located??
~~~Similarly, in the code below, do I have to modify text like "A
Protected Place" and MYDOMAIN and replace it with my specific
information??
===8<---[.htaccess]---
<IfModule mod_auth_sspi.c>
AuthName "A Protected Place"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
#SSPIBasicPreferred On
#SSPIDomain MYDOMAIN
SSPIOmitDomain On
#SSPIUsernameCase On
require valid-user
</IfModule>
===8<---[.htaccess]---
and:
===8<---[phpinfo.php]---
<?php
phpinfo();
===8<---[phpinfo.php]---
lastly, visiting:
http://server/protected/phpinfo.php
with an ntlm-enabled browser would provide the following
authentication data to the php code hosted there:
_SERVER["REMOTE_USER"] <Your_NT_login>
_SERVER["AUTH_TYPE"] NTLM
> Coming back to HtPasswordForm, how can I replace my default PmWiki
login
> form with one that offers new users to register and enter their own
> passwords?
The purpose of HtPasswdForm is not to replace the PmWiki login form,
but to provide a convenient tool to manage the password file used by
the original PmWiki security system (AuthUser), which is still
responsible for the user authentication itself.
Practically, you just have to create a dedicated wiki page
(Site.HtpasswdForm for example), as described by the cookbook recipe.
This page must be readable by everyone and editable by administrators
only.
Also set the config. parameter:
$HtpasswordNewUsers = 1;
in the related configuration file to enable self-registration.
Then, the form rendered on the page will depend on the client
authentication status:
* not already authenticated user => a new name and password form
definition
* previously authenticated user (page edited,...) => a single password
change form
* admin user => the global htpasswd/htgroup administration form
--
Dominique
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20070726/9528ee18/attachment.html
More information about the pmwiki-users
mailing list