[pmwiki-users] Problems with authentification
Martin Kerz
mkerz at me.com
Mon Jul 20 03:12:00 CDT 2009
>> I have some weird problems with authentification. I have set an
>> admin,
>> edit, and upload password. Unfortunately everytime I visit the
>> site, I
>> get authenticated with edit privilegs without entering a password.
>> This is in a farm setup. Has anyone else ever encountered such
>> problems? I have no clue where to start debugging this. :-/
>
> Note that if the fields of the farm are all part of the same domain,
> then it's possible for authentications to "leak" from one field
> to another (partially due to the way PmWiki uses PHP sessions).
I read about that one, but that's not the case. I hidden the link for
editing a page using (:if auth edit:). Even when I start the browser
anew, and the first page I visit is the relevant wikifield, the link
is displayed to me, _and_ I can edit the page. That is although I have
set the edit password in the field's local config like that:
$DefaultPasswords['admin'] = 'crypt('password');
$DefaultPasswords['edit'] = crypt('other-password');
$DefaultPasswords['upload'] = crypt('some-password');
Moreover, ?action=upload asks me for a password, but doesn't accept
"some-password". The admin password does seem to work. :-/
When I set a edit-password using GroupAttributes e.g., everything
works just fine. I'm really a bit confused here.
Martin
More information about the pmwiki-users
mailing list