diff options
| author | Peter Thoeny <web-hurd@gnu.org> | 2000-11-02 09:23:06 +0000 |
|---|---|---|
| committer | Peter Thoeny <web-hurd@gnu.org> | 2000-11-02 09:23:06 +0000 |
| commit | 17e93a1cacdca0250c30a818d84c736c9c1e22be (patch) | |
| tree | 5c59554836bc89f6f4adc7ca9dff1a73ecfaa837 /TWiki/TWikiUserAuthentication.mdwn | |
| parent | 6ce29e7c32d19176c9e0cc393531fcd5e25ce2c3 (diff) | |
none
Diffstat (limited to 'TWiki/TWikiUserAuthentication.mdwn')
| -rw-r--r-- | TWiki/TWikiUserAuthentication.mdwn | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/TWiki/TWikiUserAuthentication.mdwn b/TWiki/TWikiUserAuthentication.mdwn new file mode 100644 index 00000000..a4e8b1bc --- /dev/null +++ b/TWiki/TWikiUserAuthentication.mdwn @@ -0,0 +1,15 @@ +TWiki does not authenticate users internally, it depends on the `REMOTE_USER` environment variable. This variable is set when you enable basic authentication or authentication via SSL (https protocol) + +TWiki keeps track who made changes to topics at what time. This gives a complete audit trail of changes. + +No special installation steps need to be performed in case the server is already autenticated. If not you can opt for one of these: + +* Forget about authentication. All changes will be registered as %MAINWEB%.TWikiGuest user, e.g. you can't tell who made changes. +* Use basic authentication for the `edit` and `attach` scripts. [TWiki Installation](TWikiDocumentation#installation) tells you more about that. +* Use SSL to authenticate and secure the whole server. + +The `REMOTE_USER` environment variable is only set for the scripts that are under authentication. If for example the `edit`, `save` and `preview` scripts are authenticated, but not `view`, you would get your [[WikiName]] in `preview` for the <code>%WIKIUSERNAME%</code> variable, but `view` will show `TWikiGuest` instead of your WikiName. + +There is a way to tell TWiki to remember the user for the scripts that are not authenticated, e.g. for the case where the `REMOTE_USER` environment variable is not set. TWiki can be configured to remember the IP address / username pair whenever an authentication happens (edit topic, attach file). Once remembered, the non authenticated scripts like `view` will show the correct username instead of `TWikiGuest`. You can enable this by setting the `$doRememberRemoteUser` flag in `wikicfg.pm`. TWiki persistently stores the IP address / username pairs in file `$remoteUserFilename`, which is `"$dataDir/remoteusers.txt"` by default. Please note that this can fail in case the IP address changes due to dynamically assigned IP addresses or proxy servers. Test: You are %WIKIUSERNAME%. + +-- [[Main/PeterThoeny]] - 02 Nov 2000 <br /> |