[pmwiki-devel] Help with understanding an authentication problem

John Rankin john.rankin at affinity.co.nz
Tue May 19 23:03:29 CDT 2009 

One of the Wikipublisher users is encountering a problem with the 
interaction between pmwiki authentication, php5, suphp, and the 
wikipublisher pdf server.

The problem is that his site cannot generate a pdf from a password 
or user/password authenticated page. Other sites do not have this 
problem. The wikipublisher plug-in passes the session cookie to the 
pdf server and it uses this to request the wiki page in xml that 
it then typesets into pdf. On his site, instead of returning the 
content of the protected page, it returns a request for a login.
This used to work, but broke when his hosting service upgraded the
environment.

The advice from his hosting service is as follows:
<quote>
Like I said on the chat the problem is that in order to make the 
password function work I have to revert to PHP4 in dso mode for 
the scripts effected and that probably cause more issues than it 
solve. My suggestion is to revert back to PHP5 with SUPHP to make 
sure the script works and so that it is secure. This will mean that 
the pdf creation of protected pages will not work until the creator 
of that script solve the issue with the makers of SUPHP.

We have tested this application and found that the script does not 
work when suphp and safe mode is enabled. We have installed PHP4 
on the server which is in DSO mode with safe mode disabled and 
currently the folders testwiki, pmwiki, wearelost, martin etc are 
using php4. The remaining site is having php5 with suphp enabled 
and you can check it at "http://www.parakoos.com/info.php". If you 
want to run the application in suphp mode then you need to contact 
developer for further help. 
</quote>

He can get it to work with a config.php patch:

if ($_SERVER['REMOTE_ADDR'] == 'ip.of.pdf.server') {
    $DefaultPasswords['admin'] = '';
    ...
} else {
    ...
}

The admin password takes precedence over the read password, so 
pmwiki lets in the request from the pdf server. This is not a 
very good fix.

Can anyone please:

(a) explain what might be going on to cause the problem

(b) suggest what might be done to fix it

I am at a loss.

TIA
-- 
JR
--
John Rankin

More information about the pmwiki-devel mailing list