[pmwiki-users] Re: authuser and .htgroups
Jeremy Sproat
sproaticus at gmail.com
Wed Jun 29 20:09:49 CDT 2005
On 6/22/05, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> It may also be worth keeping in mind that sometime in the not-too-distant-
> future AuthUser is expected to support authentication via LDAP
> (and possibly RADIUS):
> $AuthUser['ldap'] = 'ldap://ldap.example.com/ou=People?uid=$1'
I suggest using a separate array for authentication schemes. We're
mixing login names and login schemes in $AuthUser. Hypothetically
speaking, it is possible for a user to legitimately want the username
"ldap" but not be able to because that name is used for something
else. A more realistic example is "pam" - could be Pamela's login
name, or we might be checking passwords against Linux-PAM
(http://www.kernel.org/pub/linux/libs/pam/).
I recommend leaving the usernames in $AuthUser, and putting the
authentication schemes in something similar like $AuthMethod, e.g.
$AuthUser['alice'] = crypt('alicepassword');
$AuthUser['bob'] = crypt('bobpassword');
$AuthMethod['htpasswd'] = 'local/.htpasswd';
$AuthMethod['ldap'] = 'ldap://ldap.example.com/ou=People?uid=$1';
Cheers,
- sproaticus
More information about the pmwiki-users
mailing list