[pmwiki-users] authenticate against samba PDC

Falk Hamann Falk.Hamann at dbaudio.com
Fri Nov 24 09:49:15 CST 2006 

On Fri, 24 Nov 2006 09:18:22 +0100
Falk Hamann <Falk.Hamann at dbaudio.com> wrote:

> On Thu, 23 Nov 2006 11:19:07 +0100
> Falk Hamann <Falk.Hamann at dbaudio.com> wrote:
> 
> > On Thu, 23 Nov 2006 10:10:13 +0100
> > "Dominique Faure" <dominique.faure at gmail.com> wrote:
> > 
> > > You'd better leave scripts/httpauth.php unchanged (to not loose
> > > anything when upgrading), and have all your customizations into
> > > config.php (untested):
> > > 
> > > # strip any domain prefix
> > > if(isset($_SERVER['REMOTE_USER']))
> > >   $_SERVER['REMOTE_USER'] =
> > >     preg_replace("/^[^\\]+\\\/", "", @$_SERVER['REMOTE_USER']);
> > > include_once('scripts\httpauth.php');
> > 
> > Thanks for this hint.
> > 
> > The other problem is still unresolved.
> > 
> > Groups, which defined in AuthUser.php (@write: test) und assign
> > (@write) to write via test.php?action=attr do !!!NOT!!! work.
> > Which means user test should be allowed to write, but this failed.
> > 
> > Read-Permission assigned via test.php?action=attr as id:test do
> > work.
> > 
> > Whats going wrong ?
> > 
> 
> I've verified with debug-code that Windows-logon without domainname is
> arrive $AuthId and $Author.
> 
> On AuthUser.php I defined a group "write" and a
> user "test".
> 
> @write: johndoe, test
> test: $1$l1...
> 
> On test.php?action=attr permissions are set as followed:
> 
> read: id:johndoe id:test
> write: @write
> 
> Readaccess works for both user. But write works only for user "test".
> Why ?
> 
> User "test" is defined in AuthUser.php. User "johndoe" comes from
> $_SERVER['REMOTE_USER'].
> 
> What can I do, that these users also work with groups defined in
> AuthUser.php. Or should I define the groups in another way ? May this
> help ?
> Define the Group in local/config.php also not work:
> $AuthUser['@write'] = array('johndoe', 'test');
> 
> Could defining groups in .htgroup solve my problem ?
> 
> 

The following hack solve the Problem.

--- authuser.php_orig   2006-11-24 16:37:06.000000000 +0100
+++ authuser.php        2006-11-24 16:36:16.000000000 +0100
@@ -35,6 +35,8 @@
 if (@$_POST['authid']) 
   AuthUserId($pagename, stripmagic(@$_POST['authid']), 
              stripmagic(@$_POST['authpw']));
+elseif (@$_SERVER['REMOTE_USER'])
+  AuthUserId($pagename, stripmagic(@$_SERVER['REMOTE_USER']));
 else SessionAuth($pagename);
 
 function AuthUserId($pagename, $id, $pw=NULL) {


I mean, it's not the best solution. I wish, I can write something to
config.php and let pmwiki-code anchanged.

Any hints ?

-- 

[root at Linux] chown linux.users /world

More information about the pmwiki-users mailing list