[pmwiki-users] Problem using AuthUser [resend, truncated message]

Petko Yotov 5ko at 5ko.fr
Fri Aug 10 13:30:21 PDT 2018 

[Resending to the list as it bounced back.]

> $DefaultPasswords['read'] = array('@read', crypt('pw3'), crypt('pw4'));

You need to add read permissions to the @edit group too:

    $DefaultPasswords['read'] = array('@read', '@edit', crypt('pw3'), 
crypt('pw4'));

It may not be intuitive but PmWiki allows that a user be able to edit 
without being able to read the edited page, for example in form 
processing addons.

If this does not fix the problem, i.e. even users with @read permissions 
cannot login, we can discuss this further.

And a note: the documentation source uses the markup "->" for 
indentation, but you need to write the actual directives without any 
markup, for example, not:

   --> user1: $2y$...      (wrong)
   --> @read: user1, user2 (wrong)

You need to write those either at start of line or after only spaces:

   user1: $2y$...
   @read: user1, user2

Petko


On 08/08/2018 18:29, Joshua J. Kugler wrote:
> Thank you for the reply. I will attempt an upgrade to 2.2.109. I have 
> to be
> careful since I have some files sitting around in the public areas, 
> etc. :)
> 
> I am running PHP 5.5.9. Would the crypt/pmcrypt still be an issue? The
> passwords generated by using *crypt* are not an issue. It's that the 
> accounts
> listed in /SiteAdmin/AuthUser  do *not* work.
> 
> j
> 
> On Wednesday, August 8, 2018 2:50:22 AM AKDT Petko Yotov wrote:
>> If you have PHP 5.6 or newer you can no longer use crypt() this way.
>> 
>> You should upgrade to the latest PmWiki version, 2.2.109  and change 
>> all
>> calls to crypt() with pmcrypt().
>> 
>> Please read the release notes before you upgrade.
>> 
>> Petko
>> 
>> P.S. Version 2.2.109 should work even with older PHP versions.
>> 
>> On 06/08/2018 09:52, Joshua J. Kugler wrote:
>> > I'm trying to convert to AuthUser. However, when I try to login in, it
>> > goes
>> > right back to the login screen
>> >
>> > I have AuthUser enabled. The first part of config.php looks like:
>> >
>> > <?php if (!defined('PmWiki')) exit();
>> > $WikiTitle = 'My Title';
>> >
>> > $PageLogoUrl = "$PubDirUrl/images/my_header.jpg";
>> >
>> > $EnableUpload = 1;
>> > $UploadPrefixFmt = '/$Group/$Name';
>> > $EnableUploadVersions=1;
>> >
>> > # We want to be able to enable password protection on pages
>> > $DefaultPasswords['admin'] = array(crypt('pw'), crypt('pw2'));
>> > $DefaultPasswords['read'] = array('@read', crypt('pw3'), crypt('pw4'));
>> > $DefaultPasswords['edit'] = array('@edit', crypt('pw5'));
>> > $DefaultPasswords['upload'] = array('@edit', crypt('pw6'));
>> >
>> > # Enable AuthUser
>> > include_once("$FarmD/scripts/authuser.php");
>> >
>> > NOTE: using the "old" (existed before switch to AuthUser) pwX passwords
>> > still
>> > works, as it should...just not the new user/pass combinations.
>> >
>> > /SiteAdmin/AuthUser looks like:
>> >
>> > user1: $!$<password created with (:encrypt wonderland:)>
>> > ---
>> > userN: $!$<password created with (:encrypt wonderland:)>
>> >
>> > @read: user1, user2, user3
>> >
>> > @edit: user4, user5, user6

More information about the pmwiki-users mailing list