[pmwiki-users] PMwiki, httpauth, safe mode
Patrick R. Michaud
pmichaud at pobox.com
Mon Jul 18 14:49:30 CDT 2005
On Mon, Jul 18, 2005 at 02:34:45PM -0400, Tom Igoe wrote:
> >
> >If you're wanting user-based authorization in a safe_mode environment,
> >then you'll have to get the webserver to perform the authentication
> >for you and place the results in REMOTE_USER. The httpauth.php will
> >correctly grab the authenticated username from REMOTE_USER, but
> >it's up
> >to the wikiadmin to configure the webserver to do the authentication
> >(as PmWiki has no mechanism to retrieve HTTP usernames/passwords
> >in a safe_mode environment).
> >
> >Hope this helps...
>
> It does, somewhat. I could have the server fill in remote user by
> having it force authentication for all hits. But I don't want to do
> that. I only want to force authentication for editing and higher
> functions, which is why I'm trying to use http authorization.
Unfortunately, Apache doesn't play well that way -- either Apache
authorizes everything (based on url) or it authorizes nothing,
entirely based on the settings in .htaccess. There's no way for a
script such as pmwiki.php to say "I need Apache to perform authorization
for this request."
> I'm pulling the login from a remote kerberos server.
Sounds like what we might want here is to update PmWiki's authuser.php
script to allow authentication via a remote kerberos server. :-)
Pm
More information about the pmwiki-users
mailing list