<br><br><div><span class="gmail_quote">On 6/27/07, <b class="gmail_sendername">Sivakatirswami</b> <<a href="mailto:katir@hindu.org">katir@hindu.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Tegan Dowling wrote:<br>><br>> If only AuthUser didn't have that ?action=login bug.<br><br><br>What is that?</blockquote><div><br></div></div>That arises if you use both AuthUser *and* the original password-authentication scheme -- so you do set an edit password in
config.php, for instance, or have a read or edit password in a group's GroupAttributes?action=attr or in a page's ?action=attr -- then you must be careful not to use ?action=login to elicit such a password. <br>
<br>This is because having AuthUser enabled makes the wiki expect a username-password match. If the login screen is prompted by a link to a page, or an edit link, all is fine. The user enters the password alone, or the password plus any username at all, and the wiki passes the user through to the destination.
<br><br>If, however, you use ?action=login to take the user to the login screen, and the user enters that password, the wiki will indeed authenticate the user, but won't take the user back to the page they were on when they clicked the link. Instead, the login screen remains -- confusing even expert users into thinking that the password has failed.
<br>