[pmwiki-users] htpasswdForm

Sameer Kumar skumar at eharch.com
Thu Jul 26 09:30:12 CDT 2007


~~~Another question:

If I do use SSPI, will the author related features in PmWiki still work
as before? For example, Profiles.author pages, authorrequired, etc.??

 

 

On 7/26/07, Sameer Kumar <skumar at eharch.com> wrote:

> Dominique,

> 

> I have tried and could not get sspi to work; I don't know enough about

> apache or sspi and am giving up on it.

 

I already manage to make it work successfully, defining a 'protected'

directory containing following files:

 

~~~What does 'protected' directory mean?? Is it the main pmwiki
directory? Is it the home directory of the website? Or is it a new
directory that is called 'protected'?? where is this new directory
located??

 

~~~Similarly, in the code below, do I have to modify text like "A
Protected Place" and MYDOMAIN and replace it with my specific
information?? 

 

===8<---[.htaccess]---

<IfModule mod_auth_sspi.c>

   AuthName "A Protected Place"

   AuthType SSPI

   SSPIAuth On

   SSPIAuthoritative On

   SSPIOfferBasic On

   #SSPIBasicPreferred On

   #SSPIDomain MYDOMAIN

   SSPIOmitDomain On

   #SSPIUsernameCase On

   require valid-user

</IfModule>

===8<---[.htaccess]---

 

and:

 

===8<---[phpinfo.php]---

<?php

phpinfo();

===8<---[phpinfo.php]---

 

lastly, visiting:

  http://server/protected/phpinfo.php

with an ntlm-enabled browser would provide the following

authentication data to the php code hosted there:

 

_SERVER["REMOTE_USER"] <Your_NT_login>

_SERVER["AUTH_TYPE"]   NTLM

 

> Coming back to HtPasswordForm, how can I replace my default PmWiki
login

> form with one that offers new users to register and enter their own

> passwords?

 

The purpose of HtPasswdForm is not to replace the PmWiki login form,

but to provide a convenient tool to manage the password file used by

the original PmWiki security system (AuthUser), which is still

responsible for the user authentication itself.

 

Practically, you just have to create a dedicated wiki page

(Site.HtpasswdForm for example), as described by the cookbook recipe.

This page must be readable by everyone and editable by administrators
only.

Also set the config. parameter:

  $HtpasswordNewUsers = 1;

in the related configuration file to enable self-registration.

 

Then, the form rendered on the page will depend on the client

authentication status:

 

* not already authenticated user => a new name and password form
definition

* previously authenticated user (page edited,...) => a single password

change form

* admin user => the global htpasswd/htgroup administration form

 

-- 

Dominique

-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20070726/9528ee18/attachment.html 


More information about the pmwiki-users mailing list