k y m a • t w e a k y — the kyma collective || view the current website || February 2015 Archive

/ TWiki.TWikiUserAuthentication

Search


TWiki Section


Home 
Topics 
More... 

All Sections


Products
Order
Company
Community
Share
Learn

Login / Register 
Change password
Forgot password?

Symbolic Sound


Home
Kyma Forum
Eighth Nerve

TWiki Links


twiki.org

TWiki User Authentication

TWiki site access control and user activity tracking options

TWiki does not authenticate users internally, it depends on the REMOTE_USER environment variable. This variable is set when you enable Basic Authentication (.htaccess) or SSL "secure server" authentication (https protocol).

TWiki uses visitor identification to keep track of who made changes to topics at what time and to manage a wide range of personal site settings. This gives a complete audit trail of changes and activity.

Authentication Options

No special installation steps are required if the server is already authenticated. If it isn't, you have three standard options for controlling user access:

  1. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the TWikiGuest default identity, so you can't track individual user activity.
  2. Use SSL (Secure Sockets Layer; HTTPS) to authenticate and secure the whole server.
  3. Use Basic Authentication (.htaccess) to control access by protecting key scripts: attach, edit=, installpasswd, preview, rename, save, upload using the .htaccess file. The TWikiInstallationGuide has step-by-step instructions.

Partial Authentication

Tracking by IP address is an experimental feature, enabled in lib/TWiki.cfg. It lets you combine open access to some functions, with authentication on others, with full user activity tracking:

Quick Authentication Test - Use the %WIKIUSERNAME% variable to return your current identity:

TWiki Username vs. Login Username

This section applies only if your TWiki site is installed on a server that is both authenticated and on an intranet.

kyma•tweaky internally manages two usernames: Login Username and TWiki Username.

TWiki can automatically map an Intranet (Login) Username to a TWiki Username, provided that the username pair exists in the TWikiUsers topic. This is also handled automatically when you register.

NOTE: To correctly enter a WikiName - your own or someone else's - be sure to include the User web name in front of the Wiki username, followed by a period, and no spaces. Ex:
User.WikiUsername or %MAINWEB%.WikiUsername
This points WikiUser to the kyma•tweaky.User web, where user registration pages are stored, no matter which web it's entered in. Without the web prefix, the name appears as a NewTopic? everywhere but in the User web.

Changing Passwords

Change and reset passwords using forms on regular pages. Use TWikiAccessControl to restrict use as required.

Change password

Forgot your old password? Then use ResetPassword instead. Please only use ResetPassword in case you really forgot your password. Thank you.

Your WikiName: **
Old password: **
New password: **
Retype new password: **
     (Fields marked ** are required)

After submitting this form your password will be changed.

Request for reset of password

Please only use this ResetPassword form in case you really forgot your password. Otherwise just change it using ChangePassword. Thank you.

Your login name:
Capitalized first and last name with no space
**
New password: **
Retype new password: **
     (Fields marked ** are required)

After submitting this form you will see a page with your encrypted password. That page will include instructions for emailng this encrypted password to the webmaster who will update your account and notify you by email when you can begin using the new password. When logging in, use the new password as you have typed it into this form, not the encrypted password that you have emailed to the webmaster. Thanks!

-- MikeMannix? - 19 May 2002

 
 
© 2003-2014 by the contributing authors. / You are TWikiGuest