[pmwiki-users] How do I only let authorized users edit pages?

Hans design at flutesong.fsnet.co.uk
Sun Jul 24 18:28:16 CDT 2005


Sunday, July 24, 2005, 11:52:49 PM, John wrote:
> s/DefaultPassword/DefaultPasswords/ I think.

sorry, yes
     $DefaultPasswords['edit'] = crypt('mysecret');

>> (replace 'mysecret' with your password).
>> 
>> See http://www.pmwiki.org/wiki/PmWiki/PasswordsAdmin

> Ok, I tried it, and I made a small update to 
> http://www.pmwiki.org/wiki/PmWiki/PasswordsAdmin
> but my page still lets me make a change without having to
> type in a password. Why isn't it asking me for a password?
> Do I need to restart something?

You may need to close your browser in order to start a new session,
otherwise the system remembers you as having edit or admin privileges.


>> scripts/authuser.php is pmwiki's build in script for user
>> authentification, providing a login form with name and password
>> fields.

> It sounds like there's a lot more to it than that. (?)

Sure :-). But basically it checks names against passwords, to find
matching pairs. It does not set passwords. But it gives the option to
use passwords of a kind like id:martin, and if martin logs in with his
password (which you as admin need to give him) then he gets access
rights, to whatever page or group or even sitewide the "password"
id:martin was set.

> It almost makes it sound like pmwiki has that notion of users
> with passwords... but I'm not seeing anything like that in pmwiki
> except for that cookbook AuthUser thing.

Note that username/password pairs are in addition to PmWiki's system,
which does allow password protection for individual pages, whole
groups, or site-wide, and allows to set protection for read, edit,
upload and attr actions respectively. Defining a username plus
password does not give that user any access rights automatically.
These need to be set via ?action=attr for individual pages or groups,
or site-wide through the $DefaultPasswords variable. Page attributes
take priority over group attributes, and both over default passwords
set in config.php. Only $DefaultPasswords['admin'] has priority over
all others (see PmWiki/Passwords).

AuthUser is Pmwiki's official, build in way to handle user
authentication.

The cookbook recipe UserAuth will remain as a separate, alternative
method.


Best, 
~Hans                           





More information about the pmwiki-users mailing list