[pmwiki-users] Which authentication module to use?

Jon Wickström Jon.Wickstrom at arrak.fi
Wed Dec 16 07:03:17 CST 2009


Q: What authentication module should I use? Minumum is allowing user to change own password, selfregistering is preferred. Probable needed security levels are admin, logged in user can edit, not logged in users can read. I don't want to use a database or external source for the authentication.

AuthUser is built in, but does not quite take me all the way. Minimum requirement is for the user to be able to change their own password.

AuthUserSignup seems to have signup and password changeing. And it is built on AuthUser? Stable. Is it supported?

MemberMgmt has all the bells and whistles? Has it's own security model? Not actively supported anymore?

PresenceAwareness also has all the bells and whistles. Not built on the AuthUser security model? No idea about support. 

UserAuth seems to be deprecated in favour of other recipies.

UserAuth2 has support for changeing users own password, but no self registration? Claims to be an improvement over AuthUser. Has it's own security model? Stable. Active support?

I would prefere to go as mainline as possible. Would that be AuthUser+AuthUserSignup? I almost started installing this, but got a bit put off with security concerns with having to allow WikiSh do filehandling. Now I'm leaning a bit towards UserAuth2.

Is there lika a err.. wiki entry or something for helping me choose? ;-)

Regards,
   Jon Wickström



More information about the pmwiki-users mailing list