This is the default configuration page for PmWiki's identity-based authorizations (aka "authuser"). AuthUser is a very flexible system for managing access to pages, but with flexibility can also come complexity. We'll try to walk through it here.
This site appears to have the authuser extensions enabled.
Authentication
Authentication from external sources (uncomment out appropriate line(s)):
# htpasswd: /filesystem/path/to/.htpasswd # ldap: ldap://ldap.example.com/ou=People,o=example?uid?sub # mysql: mysql://[username:password]@localhost/db/table?user,passwd
Usernames and encrypted passwords specified directly (encrypted strings can be obtained from ?action=crypt):
# alice: $1$NHrURcZQ$QexZSitx4bmFQmmFOVQmG. ("alicesecret") # bob: $1$kai8n1r0$srMjkIR8oUR.fvSGGP7LZ/ ("bobsecret")
Authorization
To authorize individuals to specific pages or groups, use "id:name
" when specifying a password using ?action=attr
. (See PmWiki.Passwords.)
To allow any authenticated person, use "id:*
". To set default site-wide authorizations, use $DefaultPasswords in local/config.php:
$DefaultPasswords['read'] = 'id:*'; $DefaultPasswords['edit'] = 'id:alice id:bob'; $DefaultPasswords['admin'] = 'id:alice';
Authorization groups
This page can be used to define custom authorization groups (indicated by a leading "@" sign):
# @editors: alice,bob # charlie: @editors,@visitors # @admins: alice, dave
To restrict a page or group of pages to an authorization group, use "@group" as a password in ?action=attr
for the page or GroupAttributes page. For sitewide groups, use $DefaultPasswords in local/config.php:
$DefaultPasswords['edit'] = '@editors'; $DefaultPasswords['admin'] = '@admins';