[pmwiki-users] action=login gives bogus error msg
Russ Fink
russfink at hotmail.com
Wed Nov 15 17:56:23 CST 2006
User "admin" not accepted by ?action=login for any page, under Pmwiki
version 2.1.26, using AuthUser.
Steps:
1. Configure system for AuthUser. Create a couple of users, and a group
"@admins" that includes the users. For instance, create "russ" and put him
in the @admins group.
2. Set up site-wide default passwords to "@admins" group in the
config.php script for edit and attr, leave "read" blank.
3. Preliminary - Go to Main.HomePage?action=logout to start.
1. I visit Site.AuthUser?action=attr - I am asked for a password,
good. Do not do anything, just verify not already admin, witnessed by the
fact that it wants a password. I have this page locked to all but admin.
2. I try Main.HomePage?action=edit and am asked for a password.
Again, I didn't log in, just verified I need a password to continue.
4. Problem Steps - Go to Main.HomePage?action=logout, then
Main.HomePage?action=login.
1. Log in as "admin" - What I get back is "Name/password not
recognized"
2. Without logging out, I try Site.AuthUser?action=attr again -
this time, I am not asked for a password. This tells me that the previous
"name/pass not recognized" is in error, and that I am actually logged in as
admin.
3. I go to Main.HomePage?action=logout, then
Main.HomePage?action=login. I log in as "russ" then try to edit main:
Main.HomePage?action=edit and this works.
5. It works correctly when the action target is not "login." For
instance, I go to Main.HomePage?action=logout, then
Main.HomePage?action=edit, it asks for a password, I log in as "admin" and
it works.
My config.php snippet:
# RAF * use AuthUser; force logged in user to prepopulate in
# change form
include_once("$FarmD/scripts/authuser.php");
$Author = $AuthId;
# RAF * prevent groups w/o password; see
# Cookbook:LimitWikiGroups, opt 2
$rc = FmtPageName('$Group.RecentChanges', $pagename);
if (!PageExists($rc))
$DefaultPasswords['edit'] = $DefaultPasswords['admin'];
# RAF * establish site-wide default passwords per groups
# $DefaultPasswords['read'] = '';
$DefaultPasswords['edit'] = '@admins';
$DefaultPasswords['attr'] = '@admins';
$DefaultPasswords['upload'] = '@admins';
What am I doing wrong?
Thanks,
Russ
_________________________________________________________________
Get FREE company branded e-mail accounts and business Web site from
Microsoft Office Live
http://clk.atdmt.com/MRT/go/mcrssaub0050001411mrt/direct/01/
More information about the pmwiki-users
mailing list