[pmwiki-users] Configure pmwiki for kerberos authentication

Nick Thompson nickthompson at agere.com
Wed May 17 05:29:10 CDT 2006


First post here. I only installed pmwiki 2.1.5 yesterday, but it went 
well and it works well. Very impressed - so thanks to all involved in 
its production.

I have possibly a slightly strange authentication/authorization 
requirement, which I'm not sure how to meet with pmwiki.

I need to authenticate all users based on kerberos. I have done this 
using mod_auth_kerb into my wiki location:

<Location /pmwiki>
    AuthType Kerberos
    AuthName "My Wiki Login"
    KrbAuthRealms EXAMPLE.COM
    Krb5Keytab /opt/httpd/2.0.55/conf/myserver.keytab
    KrbMethodK5Passwd on
    KrbMethodK4Passwd off
    KrbVerifyKDC off
    KrbAppendRealm off
    Require valid-user

I would now like to authorize all authenticated users to read the 
wiki, but only allow a small subset of those users to edit or upload 
to the wiki. Also, I'd like the authorized use name to end up in the 
author field of edit.

Is such a setup possible? How would I go about it? AuthUser looks 
close, but I don't need it to check passwords, I guess. It just needs 
to check the already authenticated user name. I imagine this would be 

Sorry for the long email. Thanks for any help you can give.
> Nick Thompson

More information about the pmwiki-users mailing list