Welcome, Registration, and other StartingPoints; TWiki history & Wiki style; All the docs...
View   r2  >  r1  ...
TWikiUserAuthentication 2 - 16 Mar 2001 - Main.PeterThoeny
Line: 1 to 1
Changed:
<
<
TWiki does not authenticate users internally, it depends on the REMOTE_USER environment variable. This variable is set when you enable basic authentication or authentication via SSL (https protocol)
>
>

TWiki Authentication

TWiki does not authenticate users internally, it depends on the REMOTE_USER environment variable. This variable is set when you enable basic authentication or authentication via SSL (https protocol)

 TWiki keeps track who made changes to topics at what time. This gives a complete audit trail of changes.

No special installation steps need to be performed in case the server is already autenticated. If not you can opt for one of these:

  • Forget about authentication. All changes will be registered as TWikiGuest user, e.g. you can't tell who made changes.
Changed:
<
<
  • Use basic authentication for the edit and attach scripts. TWiki Installation tells you more about that.
>
>
 
  • Use SSL to authenticate and secure the whole server.
Changed:
<
<
The REMOTE_USER environment variable is only set for the scripts that are under authentication. If for example the edit, save and preview scripts are authenticated, but not view, you would get your WikiName in preview for the %WIKIUSERNAME% variable, but view will show TWikiGuest instead of your WikiName.
>
>
The REMOTE_USER environment variable is only set for the scripts that are under authentication. If for example the edit, save and preview scripts are authenticated, but not view, you would get your WikiName in preview for the %WIKIUSERNAME% variable, but view will show TWikiGuest instead of your WikiName.

There is a way to tell TWiki to remember the user for the scripts that are not authenticated, e.g. for the case where the REMOTE_USER environment variable is not set. TWiki can be configured to remember the IP address / username pair whenever an authentication happens (edit topic, attach file). Once remembered, the non authenticated scripts like view will show the correct username instead of TWikiGuest. You can enable this by setting the $doRememberRemoteUser flag in TWiki.cfg. TWiki persistently stores the IP address / username pairs in file $remoteUserFilename, which is "$dataDir/remoteusers.txt" by default. Please note that this can fail in case the IP address changes due to dynamically assigned IP addresses or proxy servers.

 
Changed:
<
<
There is a way to tell TWiki to remember the user for the scripts that are not authenticated, e.g. for the case where the REMOTE_USER environment variable is not set. TWiki can be configured to remember the IP address / username pair whenever an authentication happens (edit topic, attach file). Once remembered, the non authenticated scripts like view will show the correct username instead of TWikiGuest. You can enable this by setting the $doRememberRemoteUser flag in wikicfg.pm. TWiki persistently stores the IP address / username pairs in file $remoteUserFilename, which is "$dataDir/remoteusers.txt" by default. Please note that this can fail in case the IP address changes due to dynamically assigned IP addresses or proxy servers. Test: You are TWikiGuest.
>
>
Test: You are TWikiGuest.
 
Changed:
<
<
-- PeterThoeny? - 02 Nov 2000
>
>
-- PeterThoeny - 16 Mar 2001

TWikiUserAuthentication 1 - 02 Nov 2000 - Main.PeterThoeny
Line: 1 to 1
Added:
>
>
TWiki does not authenticate users internally, it depends on the REMOTE_USER environment variable. This variable is set when you enable basic authentication or authentication via SSL (https protocol)

TWiki keeps track who made changes to topics at what time. This gives a complete audit trail of changes.

No special installation steps need to be performed in case the server is already autenticated. If not you can opt for one of these:

  • Forget about authentication. All changes will be registered as TWikiGuest user, e.g. you can't tell who made changes.
  • Use basic authentication for the edit and attach scripts. TWiki Installation tells you more about that.
  • Use SSL to authenticate and secure the whole server.

The REMOTE_USER environment variable is only set for the scripts that are under authentication. If for example the edit, save and preview scripts are authenticated, but not view, you would get your WikiName in preview for the %WIKIUSERNAME% variable, but view will show TWikiGuest instead of your WikiName.

There is a way to tell TWiki to remember the user for the scripts that are not authenticated, e.g. for the case where the REMOTE_USER environment variable is not set. TWiki can be configured to remember the IP address / username pair whenever an authentication happens (edit topic, attach file). Once remembered, the non authenticated scripts like view will show the correct username instead of TWikiGuest. You can enable this by setting the $doRememberRemoteUser flag in wikicfg.pm. TWiki persistently stores the IP address / username pairs in file $remoteUserFilename, which is "$dataDir/remoteusers.txt" by default. Please note that this can fail in case the IP address changes due to dynamically assigned IP addresses or proxy servers. Test: You are TWikiGuest.

-- PeterThoeny? - 02 Nov 2000


Revision 2r2 - 16 Mar 2001 - 09:09:58 - PeterThoeny?
Revision 1r1 - 02 Nov 2000 - 09:23:06 - PeterThoeny?
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM