Differences

This shows you the differences between two versions of the page.

--- plugin:authremoteuser [2018-06-18 11:10] – Karl-Wilhelm Rips
+++ plugin:authremoteuser [2021-09-06 11:44] (current) – karl-wilhelm-rips
@@ Line 1: / Line 1: @@
-====== authremoteuser Plugin ======
+====== AuthRemoteUser Plugin ======
 ---- plugin ----
-description: Provides authentication via web server's REMOTE_USER environment variable which is set through authentication systems like HTTP-Auth, LDAP, CAS, Cosign, NTLM, PAM, WebAuth, SSPI, and so on
+description: Provides single sign-on authentication via an environment variable which is set through authentication systems like HTTP-Auth, LDAP, CAS, Cosign, NTLM, PAM, WebAuth, SSPI, and so on
 author     : Karl-Wilhelm Rips
 email      : dokuwiki.org@rips.de
 type       : Auth
-lastupdate : 2016-03-29
+lastupdate : 2021-08-30
-compatible : Detritus, Elenor Of Tsort, Frusterick Manners, Greebo
+compatible : Detritus, Elenor Of Tsort, Frusterick Manners, Greebo, Hogfather
 depends    :
 conflicts  :
@@ Line 13: / Line 13: @@
 tags       : authentication, HTTP-Auth, LDAP, CAS, Cosign, NTLM, PAM, WebAuth, SSPI, REMOTE_USER, plain
-downloadurl: https://gitlab.com/CharlyKWR/authremoteuser/-/archive/master/authremoteuser-master.zip
+downloadurl: https://codeberg.org/Charly/AuthRemoteUser/archive/master.zip
-bugtracker : https://gitlab.com/CharlyKWR/authremoteuser/issues
+bugtracker : https://codeberg.org/Charly/AuthRemoteUser/issues
-sourcerepo : https://gitlab.com/CharlyKWR/authremoteuser
+sourcerepo : https://codeberg.org/Charly/AuthRemoteUser
 donationurl:
@@ Line 24: / Line 24: @@
 ===== Description =====
-This plugin allows integration with the web server's built-in authentication system via the ''REMOTE_USER'' environment variable which is set through HTTP-Auth, LDAP, CAS, Cosign, NTLM, PAM, WebAuth, SSPI and so on. It uses the default plain text file ''conf/users.auth.php'' to store user information.
+This plugin allows integration with the web server's built-in authentication system via an environment variable which is set through
+  * HTTP-Auth,
+  * LDAP,
+  * CAS,
+  * Cosign,
+  * NTLM,
+  * PAM,
+  * WebAuth,
+  * SSPI,
+  * and so on.
+Default variable name is ''REMOTE_USER''.
+It uses the default plain text file ''conf/users.auth.php'' to store user information.
 ===== Installation =====
-  - Enable an authentication system which sets REMOTE_USER (and disable anonymous authentication) on your web server.
+  - Enable an authentication system which sets (domain and) username in an environment variable on your webserver (''_SERVER[...]'') (and disable anonymous authentication) on your web server.
-  - Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually.
+  - Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugin Installation Instructions#Manual instructions|Plugin Installation Instructions]] on how to install plugins manually.
 ===== Usage =====
-  - Determine your ''REMOTE_USER'' name:
+  - Determine the variable name your authentication system uses:
-    * Save ''phpinfo.php'' on your web server\\ <file php phpinfo.php><?PHP
+    * Default is ''REMOTE_USER''.
-	phpinfo();
+    * If your authentication system uses another variable name notice this name.
+  - Determine your username:
+    - Save file ''phpinfo.php'' on your web server:\\ \\ <file php phpinfo.php><?PHP
+    phpinfo();
 ?></file>
-    * Open ''phpinfo.php'' in your web browser and search for the value in ''_SERVER["REMOTE_USER"]''
+    - Open ''phpinfo.php'' in your web browser and search for the value in ''_SERVER[...]'' whereby ''...'' is the variable name of your authentication system.
-    * Add this value as new user ID to your user list if it is missing and add them groups ''admin'' and ''user''. Don't be surprised: The user ID is converted to a valid [[:pagename]].
+    - Add this value as new user ID to your user list if it is missing and add them groups ''admin'' and ''user''((Don't be surprised: The user ID is converted to a valid [[:pagename]].))
-  - In your DokuWiki login as superuser, click “Admin”, choose “Configuration Settings”, and configure these settings
+    - Remove file ''phpinfo.php''.
+  - In your //DokuWiki// login as superuser, click //Admin//, choose //Configuration Settings//, and configure these settings:
     - Disable action ''profile''.
     - If enabled, disable option ''subscribers'' temporarily.
-    - Enable ''authtype'' "authremoteuser".
+    - Enable ''authtype'' //AuthRemoteUser//.
     - Disable ''rememberme''.
-    - Save this configuration
+    - If your authentication system doesn't use variable name ''REMOTE_USER'' set the name (see also topic 1.2) in ''server_var_name_of_auth_system''.
-  - Remove ''DokuWiki'' cookie from your browser or close and restart your browser.
+    - Save this configuration.
-  - Reload your DokuWiki installation. Your login should be automatically detected.
+  - Remove //DokuWiki// cookie from your browser or close and restart your browser.
+  - Reload your //DokuWiki// installation. Your login should be automatically detected.
   - Now, you can re-enable option ''subscribers'' again (see above).
-  - Remove file ''phpinfo.php'' from your web server.
-Copy the configuration settings to the ''conf/local.protected.php'' file to [[plugin:config#protecting_settings|protect the settings]] against changes via Config Manager.
+Copy the configuration settings to the ''conf/local.protected.php'' file to [[plugin:config#protecting_settings|protect the settings]] against changes via //Config Manager//.
-Administration of users and its groups is done in the [[Usermanager|User manager]], which is fully supported by this plugin.
+Administration of users and its groups is done in the [[Usermanager|User Manager]] which is fully supported by this plugin.
 ===== Storage====
-''authremoteuser'' uses the same storage backend like ''authplain'' that is ''conf/users.auth.php''. Users which are added after switching to ''authremoteuser'', won't contain an encrypted password.
+//AuthRemoteUser// uses the same storage backend like //authplain// that is ''conf/users.auth.php''. Users which are added after switching to //AuthRemoteUser//, won't contain an encrypted password.
-That is: You can switch back to ''authplain'' (and enable ''profile'' setting) whenever you want, and all your users which were already added before are still able to login using their (hopefully yet known) password. All
+That is: You can switch back to //authplain// (and enable ''profile'' setting) whenever you want, and all your users which were already added before are still able to login using their (hopefully yet known) password. All other users can use the //forget my password// link.
-other users can use the "forget my password" link.
 ==== File Format ====
-Empty lines, and everything after a ''#'' character are ignored. Each line contains a colon separated array of 5 fields ''loginname:password:Real Name:e-mail:groups'' which are:
+Empty lines, and everything after a ''#'' character are ignored. Each line contains a colon separated array of five fields:
-  * **Login name** - This has to be a valid [[:pagename]]
+<code>
-  * **Password** - Encrypted password if user id was added using ''authplain'', otherwise empty.
+loginname:password:Real Name:email:group
-  * **Real Name** - Real name of the user
+</code>
-  * **E-Mail** - Email address of user
-  * **Groups** - Comma separated list of groups a user is member of. The group names must follow the rules of valid [[:pagename]]s.
+  * ''loginname'':\\ This has to be a valid [[:pagename]].
+  * ''password'':\\ Encrypted password if user id was added using //authplain//, otherwise empty.
+  * ''Real Name'':\\ Real name of the user.
+  * ''email'':\\ Email address of user.
+  * ''groups'':\\ Comma separated list of groups a user is member of. The group names must follow the rules of valid [[:pagename]]s.
 ==== Editing ====
 Since ''conf/users.auth.php'' is a plain text file, it can be edited with any text editor.
-===== Development =====
-=== Change Log ===
-  * **2016-03-29**\\ Initial release
-=== Known Bugs and Issues ===
-=== ToDo/Wish List ===
-===== FAQ =====
-===== Discussion =====