Welcome, Registration, and other StartingPoints; TWiki history & Wiki style; All the docs...
View   r22  >  r21  ...
TWikiUserAuthentication 22 - 27 Mar 2005 - Main.TWikiContributor
Line: 1 to 1
 

TWiki User Authentication

Line: 40 to 40
 You can select your chosen login through the Security Settings pane in the configure interface.
Changed:
<
<

No Login

>
>

No Login (select none in configure)

 Does exactly what it says on the tin. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki style. All visitors are given the TWikiGuest default identity, so you can't track individual user activity.

ALERT! Note: This setup is not recommended on public websites for security reasons; anyone would be able to change system settings and perform tasks usually restricted to the TWikiAdminGroup.

Changed:
<
<

Template Login

>
>

Template Login (select TWiki::Client::TemplateLogin in configure)

 Template Login asks for a username and password in a web page, and processes them using whatever Password Manager you choose. Users can log in and log out.

Enabling Template Login

  1. Use the configure interface to
Changed:
<
<
    1. enable the TemplateLogin login manager (on the Security Settings pane).
>
>
    1. select the TWiki::Client::TemplateLogin login manager (on the Security Settings pane).
 
    1. select the appropriate password manager for your system, or provide your own.
  1. Register yourself in the TWikiRegistration topic.
Changed:
<
<

HELP Check that the password manager recongises the new user. If you are using .htpasswd files, check that a new line with the username and encrypted password is added to the .htpasswd file. If not, you probably got a path wrong, or the permissions may not allow the webserver user to write to that file.
>
>

HELP Check that the password manager recognises the new user. If you are using .htpasswd files, check that a new line with the username and encrypted password is added to the .htpasswd file. If not, you probably got a path wrong, or the permissions may not allow the webserver user to write to that file.
 
  1. Create a new topic to check if authentication works.
  2. Edit the TWikiAdminGroup topic in the Main web to include users with system administrator status.
    ALERT! This is a very important step, as users in this group can access all topics, independent of TWiki access controls.
Line: 68 to 68
 TIP You can customize the default user home page in NewUserTemplate. The same variables get expanded as in the template topics
Changed:
<
<

Apache Login

>
>

Apache Login (select TWiki::Client::ApacheLogin in configure)

 Using this method TWiki does not authenticate users internally. Instead it depends on the REMOTE_USER environment variable, which is set when you enable authentication in the webserver.
Line: 80 to 80
 The same private .htpasswd file used in TWiki Template Login can be used to authenticate Apache users, using the Apache Basic Authentication support. This allows the TWiki registration support to maintain usernames and passwords.
Added:
>
>
Warning: Do not use the Apache htpasswd program with .htpasswd files generated by TWiki! htpasswd wipes out email addresses that TWiki plants in the info fields of this file.
 

Enabling Apache Login using mod_auth

You can use any other Apache authentication module that sets REMOTE_USER.
Changed:
<
<
  1. Use configure to select the ApacheLogin login manager.
>
>
  1. Use configure to select the TWiki::Client::ApacheLogin login manager.
 
  1. Use configure to set up TWiki to create the right kind of .htpasswd entries.
  2. Create a .htaccess file in the twiki/bin directory.
    HELP There is an template for this file in twiki/bin/.htaccess.txt that you can copy and change. The comments in the file explain what need to be done.
    HELP If you got it right, the browser should now ask for login name and password when you click on the Edit. If .htaccess does not have the desired effect, you may need to "AllowOverride All" for the directory in httpd.conf (if you have root access; otherwise, e-mail web server support)
    ALERT! At this time TWikiAccessControls do not control access to files in the pub area, unless they are only accessed through the viewfile script. If your pub directory is set up to allow open access you may want to add .htaccess files in there as well to restrict access
Line: 119 to 121
 
Added:
>
>
Note that you cannot override access controls preferences this way.
 

Cookies and Transparent Session IDs

TWiki normally uses cookies to store session information on a client computer. Cookies are a common way to pass session information from client to server. TWiki cookies simply hold a unique session identifier that is used to look up a database of session information on the TWiki server.


Revision 22r22 - 27 Mar 2005 - 13:14:15 - TWikiContributor
Revision 21r21 - 27 Mar 2005 - 13:14:15 - TWikiContributor
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM