[pmwiki-users] field admin permissions oddness
marc
gmane at auxbuss.com
Fri Sep 29 14:24:04 CDT 2006
marc said...
> Hi,
>
> <?php $Version="pmwiki-2.1.26"; $VersionNum=2001026;
>
> Within a wiki farm, when I successfully log-in to a field (via
> authuser), then navigate to another field, the user remains logged in
> but is retaining the rights given by the original field.
>
> Remaining logged in is good, but the rights should not follow, as I
> understand it.
>
> Then, when I navigate back to the original field, where I logged in, the
> user has been logged out. This shouldn't happen (and doesn't happen on
> other wikis in the farm).
>
> However, when I return to the second field, I am still logged in (with
> the user name used at login).
>
> The logged in user retains the rights to any groups that share the same
> name between the two fields. The obvious problem being the admin group.
>
> I spotted this on an existing farm, so to test it, I created a new field
> and the new field exhibits this behaviour.
>
> I've tried a variety of different users.
>
> I've probably badly misunderstood something, but PmWiki.WikiFarms/Why
> use a farm? says:
>
> From a reader's point of view, each wiki in a farm is completely
> independent, and appears as a separate web site. Each wiki in a farm:
> <snip>
> * can have its own administrator responsible for local configuration
>
> The farm has no home wiki - /pmwiki/wikilib.d only contains the default
> Pmwiki and Site groups. In all other ways, behaviour is normal.
Quick follow up.
The log out is happening due to PmWiki generating two session cookies:
one for the FQDN and one for 'localhost'.
Now to figure out why that would happen within a farm.
--
Best,
Marc
More information about the pmwiki-users
mailing list