[pmwiki-users] htpasswdForm

Sameer Kumar skumar at eharch.com
Thu Jul 26 09:27:18 CDT 2007


On 7/26/07, Sameer Kumar <skumar at eharch.com> wrote:
> Dominique,
>
> I have tried and could not get sspi to work; I don't know enough about
> apache or sspi and am giving up on it.

I already manage to make it work successfully, defining a 'protected'
directory containing following files:

~~~What does 'protected' directory mean?? Is it the main pmwiki
directory? Is it the home directory of the website? Or is it a new
directory that is called 'protected'?? where is this new directory
located??

~~~Similarly, in the code below, do I have to modify text like "A
Protected Place" and MYDOMAIN and replace it with my specific
information?? 

===8<---[.htaccess]---
<IfModule mod_auth_sspi.c>
   AuthName "A Protected Place"
   AuthType SSPI
   SSPIAuth On
   SSPIAuthoritative On
   SSPIOfferBasic On
   #SSPIBasicPreferred On
   #SSPIDomain MYDOMAIN
   SSPIOmitDomain On
   #SSPIUsernameCase On
   require valid-user
</IfModule>
===8<---[.htaccess]---

and:

===8<---[phpinfo.php]---
<?php
phpinfo();
===8<---[phpinfo.php]---

lastly, visiting:
  http://server/protected/phpinfo.php
with an ntlm-enabled browser would provide the following
authentication data to the php code hosted there:

_SERVER["REMOTE_USER"] <Your_NT_login>
_SERVER["AUTH_TYPE"]   NTLM

> Coming back to HtPasswordForm, how can I replace my default PmWiki
login
> form with one that offers new users to register and enter their own
> passwords?

The purpose of HtPasswdForm is not to replace the PmWiki login form,
but to provide a convenient tool to manage the password file used by
the original PmWiki security system (AuthUser), which is still
responsible for the user authentication itself.

Practically, you just have to create a dedicated wiki page
(Site.HtpasswdForm for example), as described by the cookbook recipe.
This page must be readable by everyone and editable by administrators
only.
Also set the config. parameter:
  $HtpasswordNewUsers = 1;
in the related configuration file to enable self-registration.

Then, the form rendered on the page will depend on the client
authentication status:

* not already authenticated user => a new name and password form
definition
* previously authenticated user (page edited,...) => a single password
change form
* admin user => the global htpasswd/htgroup administration form

-- 
Dominique



More information about the pmwiki-users mailing list