[pmwiki-users] pmwiki and Active Directory

Tom info at aurlund.no
Tue May 19 14:21:14 CDT 2009


_>>Tom skrev:_
>
> >>> Peter Bowers skrev:
> >>>
>   
> > Short comment:
> >
> > The error situation has been fixed, but I have another one (which is the
> > REAL problem in this case):
> >
> > 1) The user has got his access set to "read":
> > $idinfo[3] = 'read'
> > $idinfo[1] = user ident
> >
> > $DefaultPasswords[$idinfo[3]] = "id:" . $idinfo[1];
> > (which should be "translated" to: $DefaultPasswords['read'] = 'id:<user
> > ident>).
> >
> > 2) But I am still able to both change pages and store pages when 
logged in
> > as this user (ident).
> >
> > How come ?
> >
 >Have you explicitly set $DefaultPasswords['edit'] to something else? If no
 >edit password has been set then that tells pmwiki to allow edits without
 >authorization. Since you have a read password it would "cascade" to the
 >edit password, but your person is already authenticated and so it doesn't
 >limit anything.
 >
 >$DefaultPasswords[$idinfo[3]] = "id:" . $idinfo[1];
 >if ($idinfo[3] != 'edit' && $idinfo[3] != 'admin')
 >$DefaultPasswords['edit'] = crypt('something-unlikely-to-be-discovered');
 >
 >That may do what you want.
 >
 >-Peter

Yes, the solution works as it should.
But I still have one other question:

Q1: Is there other possible values which could be put in the 
$DefaultPasswords-array?
What about i.e. upload access ?  Remember, I'm new on pmwiki...

Regards,
- Tom A.



More information about the pmwiki-users mailing list