[pmwiki-devel] Help with understanding an authentication problem
john.rankin at affinity.co.nz
john.rankin at affinity.co.nz
Wed May 20 15:03:22 CDT 2009
> Hi,
>
> On Wed, May 20, 2009 at 06:03, John Rankin <john.rankin at affinity.co.nz>
> wrote:
>> (a) explain what might be going on to cause the problem
>
> Looking at "http://www.parakoos.com/info.php", the php installation
> seems to be using suhosin, which provides some kind of session
> protection, ie. you cannot exchange session data between 2 php
> instances as easily as before.
That is definitely a problem for Wikipublisher.
Is it something the hosting service can configure, so for this
set of sites it doesn't use suhosin? Or is it a server-wide
setting?
>
>> (b) suggest what might be done to fix it
>
> Perhaps, by providing your own way to propagade unserialized auth info
> from one instance to another.
>
> ITOH, why not writing a new PmWiki delegated auth scheme recipe, made
> of two scripts:
>
> * A delegated auth function responsive to forward auth request from a
> slave Pmwiki to a master one.
>
> * The latter would host a set of handler functions able to answer to
> slave requests as if they were locally made.
>
> This would imply some network tools such as curl, or Snoopy
> (http://sourceforge.net/projects/snoopy/).
>
I do not even understand where to begin. Since they also run php
in safe mode, this sets other restrictions on what is allowed.
This problem is way beyond my limited skill level. If I understand
correctly, a recipe could use snoopy to trap the authentication
request and simulate a form response? So this could be done as
a pmwiki plug-in on the affected sites?
In principle, would it be able to use a special authentication
based on the IP address of the request?
Thank you for the help.
JR
More information about the pmwiki-devel
mailing list