[pmwiki-users] Bizarre AuthUser Behavior?

Patrick R. Michaud pmichaud at pobox.com
Tue Aug 29 11:05:12 CDT 2006

On Tue, Aug 29, 2006 at 10:49:55AM -0500, Michael Gleicher wrote:
> OK - there is probably a logical explanation for this...
> I have a Wiki that works great using AuthUser and a local password file.
> 	http://www.cs.wisc.edu/graphics/Wiki
> I made another Wiki on the same server.
> 	http://www.cs.wisc.edu/~cs559-1/Wiki/
> A totally new install. Downloaded a new tarball, ran through the steps 
> of editing config.php and getting some favorite recipes.
> [...]
> What's wierder: if I log into my first Wiki and then go to my second 
> Wiki, it thinks that I'm logged in and lets me edit.

PmWiki uses PHP sessions to keep track of authentication/authorization
information, and by default PHP sets things up such that all interactions
with the same server are considered part of the same session.

An easy way to fix this is to make sure each wiki is using a different
cookie name for its session identifier.  Near the top of one of
the wiki's local/config.php files, before calling authuser or any 
other recipes, add a line like:


You can pick any alphanumeric name for XYZSESSID; for example,
for the cs559-1 wiki you might choose


This will keep the two wikis' sessions independent of each other.

> So, I was hoping someone could help me:
> 1) with some tips on figuring out why I can't log in to the second Wiki

I'm not sure about this one -- does the second wiki have read
permissions to the local password file?  Perhaps double-check
the filenames and file paths?

> 2) understanding why the 2 wikis are coupled - even though there is 
> nothing in config.php that mentions the other.

The above should fix this issue.

> 3) have different sets of authorized users on each different Wiki (if 
> this isn't possible, I'd just like to know that)

It's entirely possible, we just need to figure out why the second
wiki's authorizations aren't working.


More information about the pmwiki-users mailing list