[pmwiki-users] PMwiki, httpauth, safe mode
Patrick R. Michaud
pmichaud at pobox.com
Mon Jul 18 13:09:49 CDT 2005
On Mon, Jul 18, 2005 at 12:35:23PM -0400, Tom Igoe wrote:
> Has anyone ever managed to run httpauth.php with pmwiki while PHP was
> running in safe mode? Because safe mode adds the uid to the end of
> the realm, I can't get httpauth to properly authenticate. I tried
> switching from PHP_AUTH_USER to REMOTE_USER as most of the safe mode
> refs say, but I can't get rid of the uid on the end of the realm, so
> I get no proper verification.
Are you trying to run user-based authorization (e.g., via
scripts/authuser.php) or password-based authorization ?
PmWiki's default is password-based authorization, in which case
neither PHP_AUTH_USER nor REMOTE_USER are used or needed. If safe_mode
is turned on then you'll have to stick with session-based authentication;
i.e., not using httpauth.php.
If you're wanting user-based authorization in a safe_mode environment,
then you'll have to get the webserver to perform the authentication
for you and place the results in REMOTE_USER. The httpauth.php will
correctly grab the authenticated username from REMOTE_USER, but it's up
to the wikiadmin to configure the webserver to do the authentication
(as PmWiki has no mechanism to retrieve HTTP usernames/passwords
in a safe_mode environment).
Hope this helps...
Pm
More information about the pmwiki-users
mailing list