[pmwiki-users] authuser and ldap authentication - help needed!

Patrick R. Michaud pmichaud at pobox.com
Thu Feb 12 15:05:37 CST 2009


On Thu, Feb 12, 2009 at 06:36:00PM +0000, david roundell wrote:
> noticed today that when i try a 'secure' page that requires a user to
> authenticate themselves that the name/password prompt reappears, even after
> correctly entering the right username/password. you would think this is perhaps
> a problem with 'talking' to the ldap server. however, the login/logout changes
> to logout - so this tells me (i think) that the id and password have been
> authenticated. 

You're likely correct -- if the login/logout changes to 'logout',
that's an indication that the person is authenticated and something
else is happening.


> the attributes on a random page are:
>  
> read p/w: @ id:*
> edit p/w: @ id:*

The bare '@' looks very odd to me -- it might be causing
an issue.  Normally to restrict access to authenticated
folks I would expect   "id:*"   with no @ .

> the page siteadmin.authuser has @editors: id:*

Inside of SiteAdmin.AuthUser the groups already assume "id:", so
this should probably be  "@editors: *".  If you're using groups
in this way, though, you probably want your read/edit passwords
to be "@editors".

Pm




More information about the pmwiki-users mailing list