[pmwiki-users] Bizarre AuthUser Behavior?

Patrick R. Michaud pmichaud at pobox.com
Tue Aug 29 11:14:55 CDT 2006


On Tue, Aug 29, 2006 at 06:05:02PM +0200, Dominique Faure wrote:
> On 8/29/06, Michael Gleicher <gleicher at cs.wisc.edu> wrote:
> > I have a Wiki that works great using AuthUser and a local password file.
> >         http://www.cs.wisc.edu/graphics/Wiki
> >
> > I made another Wiki on the same server.
> >         http://www.cs.wisc.edu/~cs559-1/Wiki/
> > [...]
> > What's wierder: if I log into my first Wiki and then go to my second
> > Wiki, it thinks that I'm logged in and lets me edit.
>
> Since your wikis are both hosted on the same domain (www.cs.wisc.edu),
> you should set the $CookiePrefix variable in your config.php to a
> wiki-specific value in order to stop any wiki coupling thru the auth
> cookie.

Just for completeness...

While it may be a good idea to also set $CookiePrefix (to avoid
coupling of author cookies), PmWiki just uses the PHP default
value for session cookies, which doesn't incorporate $CookiePrefix.

Maybe we should try to get PHP sessions to make use of $CookiePrefix,
but I see all sorts of confusion arising out of that.

Pm




More information about the pmwiki-users mailing list