[pmwiki-devel] Advice on coexisting with AuthUser?

John Rankin john.rankin at affinity.co.nz
Thu Jul 17 22:45:03 CDT 2008


Beta 67 continues to enhance pmwiki's username/password capabilities. 
I am trying to understand what to do so that a pmwiki site under the 
control of AuthUser can respond correctly to legitimate requests from 
an external site. I asked on the users list but didn't get a response, 
so I'll try again here.

Specifically, I'd like to understand what the PublishPDF library has
to do if a site has AuthUser enabled, so that the external PDF server
can request content from the wiki and get a response, instead of a
prompt for a username and password. When a user requests a PDF, this 
causes the PDF server to issue an http request for the page content, 
so we have to authenticate the PDF server as an authorised reader,
with the same rights as the person initiating the request.

The user is already authenticated, so somehow that authentication
information needs to be supplied to the wiki, so it doesn't ask the
PDF server to log in. The PDF server doesn't know any user names or
passwords. Is there a session token I can pass from the user to the 
PDF server, that it can pass on as part of a page request and so
inherit the user's read access rights?

Any advice would be greatly appreciated. I'm stuck.
-- 
John Rankin
Affinity Limited
T 64 4 495 3737
F 64 4 473 7991
021 RANKIN
john.rankin at affinity.co.nz
www.affinity.co.nz





More information about the pmwiki-devel mailing list