[pmwiki-users] Users, groups, permissions, security, tools... Help?
erik burggraaf
burggraaferik at gmail.com
Wed Mar 25 13:55:03 CDT 2015
Hello all,
All of the above were a top priority for me when I started building my site. I've been reading and rereading the security documentation for PMWiki, as well as documentation on various recipes dealing with authentication. I installed authuser successfully and I kno how to use the attr action to sed permissions. I was able to put off this whole mess for many months as some minor features and the skin as well as the training of publisher level users could be done without making a detaled group policy or implementing and testing the various tools. Now that these are basically done, the real fun begins and I'm daunted.
First, account creation and login procedures themselves have to be secure. I was thinking of using
http://www.pmwiki.org/wiki/Cookbook/SwitchToSSLMode
for this.
Second, users have to be able to sign themselves up. I tried
http://www.pmwiki.org/wiki/Cookbook/UserAdmin
But didn't get very far with it at all.
Third, we need to be able to collect data on users and securely store user profiles. I played with
http://www.pmwiki.org/wiki/Cookbook/AuthProfile
But it didn't work out, and I'm not sure it's either as secure or robust as I need it to be. A better option might be
http://www.pmwiki.org/wiki/Cookbook/AuthUserDbase
but it has three or four dependencies, and then you still have to do something to allow each user access to his or her own information. That would probably be
http://www.pmwiki.org/wiki/Cookbook/DataQuery
All that, even before I start on the value added services that would make people want to sign up. For that, I really wanted to use
http://www.pmwiki.org/wiki/Cookbook/ZAP
because of it installes a lot of the functions I want all at oncc and has a handler for account creation and logins. I installed it, but I couldn't make a simple loging page work despite going over the documentation very thoroughly. Seeing that it's last update was in 2007, it may be safe to assume the issue isn't all my fault and that compatibility issues have crept in.
I looked at fox forms. Fox is heavily moduler, meaning you don't have to take a bunch of crap you don't want to get the features you do want. Or, you have to spend a bit more time installing and testing each feature you want separately. All depending on your point of view. It doesn't have some of the features I want, such as signup and login, a shopping cart, or paypal intergration, so I would have to go out and install other recipes anyway. That's why I'm not kean on it despite the fact that it seems to be up to date and very powerful in it's own right.
It's super important to me to get this right, but I am daunted by the sheer number of recipes available, the fact that some are pretty old or in alpa or beta stages and haven't been updated in years, and the need to have the proper workflow order for putting all this stuff in.
ANy tips you can give me to save time would be very much appreciated.
Thanks and regards,
Erik
More information about the pmwiki-users
mailing list