[pmwiki-devel] Help with understanding an authentication problem

[Oliver Betz]

john.rankin at affinity.co.nz wrote:

[...]
>>
>>>It seems to me that we ought to be able to define a custom
>>>$AuthFunction that checks the IP address of the requestor,
>>
>> consider also requests from "dynamic" IP addresses. People might have
>> changing addresses.
>
>With my current problem, it is a server doing the requesting,
>and in this particular case it is not being allowed to access the
>wiki. Although it has a static address, you are correct about the

...and it will also have a reverse DNS entry. This makes things much
simpler.

>dynamic IP address case. Peter's suggested approach can satisfy
>this, if the dynamic address can be expressed as a regular
>expression; at least, I think that's the case.

I don't think so. You need gethostbyname() to get the address from the
host name. And you need to call gethostbyname() for each entry in your
list so this might get expensive.

[...]

>Eemeli Aro suggested a related approach some time ago,
>for when the IP address is known, although it doesn't seem
>to work in my current case:
>
>/*
>  To use, put the following in your SiteAdmin.AuthUser file:
>    ip: username ip-address
>*/
>$AuthUserFunctions['ip'] = 'AuthUserIP';
>function AuthUserIP($pagename, $id, $pw, $pwlist) {
>  $i = '';
>  foreach ( (array)$pwlist as $d ) {
>    if ($d==$id) { $i = $d; continue; }
>    if ( $i && ( $_SERVER['REMOTE_ADDR'] == $d ) ) return true;
>  }
>  return false;
>}

I can't assign certain auth levels / ids with this approach, can I?

>Perhaps the DNSallow recipe can use a similar approach?

DNSallow was only a sample page name. The recipe page is
Cookbook/DNSauth.

I don't understand what you want to express by "Perhaps the DNSallow
recipe can use a similar approach".

Oliver