[pmwiki-users] field admin permissions oddness

marc gmane at auxbuss.com
Fri Sep 29 14:24:04 CDT 2006


marc said...
> Hi,
> 
> <?php $Version="pmwiki-2.1.26"; $VersionNum=2001026; 
> 
> Within a wiki farm, when I successfully log-in to a field (via 
> authuser), then navigate to another field, the user remains logged in 
> but is retaining the rights given by the original field.
> 
> Remaining logged in is good, but the rights should not follow, as I 
> understand it.
> 
> Then, when I navigate back to the original field, where I logged in, the 
> user has been logged out. This shouldn't happen (and doesn't happen on 
> other wikis in the farm).
> 
> However, when I return to the second field, I am still logged in (with 
> the user name used at login).
> 
> The logged in user retains the rights to any groups that share the same 
> name between the two fields. The obvious problem being the admin group.
> 
> I spotted this on an existing farm, so to test it, I created a new field 
> and the new field exhibits this behaviour.
> 
> I've tried a variety of different users.
> 
> I've probably badly misunderstood something, but PmWiki.WikiFarms/Why 
> use a farm? says:
> 
>   From a reader's point of view, each wiki in a farm is completely
>   independent, and appears as a separate web site. Each wiki in a farm:
>   <snip>
>   * can have its own administrator responsible for local configuration
> 
> The farm has no home wiki - /pmwiki/wikilib.d only contains the default 
> Pmwiki and Site groups. In all other ways, behaviour is normal.

Quick follow up.

The log out is happening due to PmWiki generating two session cookies: 
one for the FQDN and one for 'localhost'.

Now to figure out why that would happen within a farm.

-- 
Best,
Marc





More information about the pmwiki-users mailing list