[pmwiki-users] userAuth and unix passwd file
Patrick R. Michaud
pmichaud at pobox.com
Mon Jun 20 15:14:29 CDT 2005
On Mon, Jun 13, 2005 at 10:35:52AM +0200, Masschelein Bart wrote:
> Hello,
>
> Apparently I don't have direct access to the password file,
> but what I could do is on a regular basis "ypcat passwd > passwd.local".
This works just fine. I'm attaching a new script I'm testing for
the distribution that uses passwd-formatted files for authentication.
Just place the attached script (authuser.php) into your cookbook directory,
then add the following lines to your config.php:
$AuthUser['htpasswd'] = '/path/to/your/passwd.local'
include_once('cookbook/authuser.php');
This will change PmWiki's password page to prompt for both a
username and password, and if a username is supplied it will attempt
to authenticate it against the passwd.local file.
Then, protecting pages on the wiki uses the same mechanisms as
default -- i.e., set per-page and per-group passwords using ?action=attr,
except you can add "passwords" that look like
id:bart # only "bart" can do this
id:bart,nancy # both "bart" and "nancy"
id:* # anyone with a valid username/password
foobar id:bart # only "bart" and anyone who knows the password "foobar"
So, if you wanted a site-wide edit restriction, you can do:
$DefaultPasswords['edit'] = 'id:bart,nancy';
Try that, and let me know if you have any questions or run into any
problems. The script is still undergoing testing, but I expect to be
including it in the distribution soon.
Pm
> From: Patrick R. Michaud [mailto:pmichaud at pobox.com]
> Sent: Thursday, June 09, 2005 19:53
> To: Masschelein Bart
> Cc: pmwiki-users at pmichaud.com
> Subject: Re: [pmwiki-users] userAuth and unix passwd file
>
>
> On Tue, Jun 07, 2005 at 06:16:45PM +0200, Masschelein Bart wrote:
> > Hello,
> >
> > I've installed the latest version of the PmWiki on the intranet of my
> > work, to be used among several users of several groups. I want to use the
> > userauth plug in, to to authentication. Is the only way to use this by
> > having the users enter their email addres and preferred username, and then
> > the admin has to send a pwd? Is there a way to link the unix passwd file
> > with the .passwd file required by PnWiki? Like this I don't have to give
> > everybody a new password. My guess is that it is not possible, as you have
> > to set the permission (read, edit, etc) as well. Any clues?
>
> PmWiki's built-in authentication system can do what you want, *provided*
> there's some way for PmWiki to be able to get read access to the
> encrypted unix passwords. Most modern unix systems store the passwords
> in /etc/shadow or somewhere that makes it difficult for a web script
> to be able to access them. But if they're available somewhere, it's
> fairly simple to get PmWiki to use the unix passwords (and I'll be
> happy to write the code to set that up).
>
> Pm
>
More information about the pmwiki-users
mailing list