[pmwiki-users] field admin permissions oddness

marc gmane at auxbuss.com
Mon Oct 2 10:42:40 CDT 2006

Patrick R. Michaud said...
> On Fri, Sep 29, 2006 at 08:24:04PM +0100, marc wrote:
> > Quick follow up.
> > 
> > The log out is happening due to PmWiki generating two session cookies: 
> > one for the FQDN and one for 'localhost'.
> It's not PmWiki doing it -- it's the browser.  The browser thinks
> that 'localhost' and FQDN are two separate hosts, therefore it
> won't send the cookies created under localhost to the FQDN (and
> vice versa).

Argh! Mea culpa. An errant URL combined with an forgotten - and 
erroneous - .htaccess edit. Thanks for nudging me back to reality.

> Similarly, if there are two wikis on a farm that share the same
> FQDN, then PHP will treat them as sharing a common session.


> This
> is why the session_name() approach mentioned in my previous email
> works -- it tells the browser to use a different session cookie
> for each wiki instance, even though they're on the same FQDN.

Okay, but what I would like is a single user log-on for the farm - all 
fields in the farm - but for permissions to be field-specific. Thus, if 
fred is admin for field one, but not field2, when he logs in he is not 
given admin perms for field2, as happens currently. Is there a way to do 

Isn't there a potential problem here? (Not that it can't be managed.) 
For example, if non-admin dino logs in to field1 and is a member of 
group @testers for field1, then he also a member of @testers for all 
other fields. IOW, authorization groups are farm-wide (when not using 
multiple session_names).


More information about the pmwiki-users mailing list