DokuWiki

It's better when it's simple

User Tools

Site Tools


Sidebar

Translations of this page?:

Learn about DokuWiki

Advanced Use

Corporate Use

Our Community


Follow us on Facebook, Twitter and other social networks.

tips:format_user

Using CN (or other portion) from Client Cert

Background

All access to edit our wiki is controlled using client certificates (over SSL).

This means REMOTE_USER is set to the entire certificate subject, which can be very very long as those using certificates for authentication probably know.

The long subject as username makes it difficult to determine the actual user when looking at revision history or page footers, and clutters the overall experience.

Patch

The following patch makes it easy to pick out a portion of the certificate subject to use as the “username” when displayed by wiki. In this case we are using the CN portion, but an email address might be another option.

This is a non-destructive change, the entire subject is still stored with edits, but only the portion you select is displayed on the page. This portion may be changed at any time.

dokuwiki_format_user.diff

Index: inc/html.php
===================================================================
--- inc/html.php        (revision 15)
+++ inc/html.php        (revision 17)
@@ -370,7 +370,7 @@
   print '<div class="meta">';
   if($_SERVER['REMOTE_USER']){
     print '<div class="user">';
-    print $lang['loggedinas'].': '.$_SERVER['REMOTE_USER'];
+    print $lang['loggedinas'].': '.format_user($_SERVER['REMOTE_USER']);
     print '</div>';
   }
   print ' &nbsp; ';
@@ -382,13 +382,13 @@
     print $date;
     if($INFO['editor']){
       print ' '.$lang['by'].' ';
-      print $INFO['editor'];
+      print format_user($INFO['editor']);
     }
     if($INFO['locked']){
       print ' &middot; ';
       print $lang['lockedby'];
       print ': ';
-      print $INFO['locked'];
+      print format_user($INFO['locked']);
     }
   }
   print '</div>';
@@ -628,7 +628,7 @@
     print $INFO['sum'];
     print ' <span class="user">(';
     print $INFO['ip'];
-    if($INFO['user']) print ' '.$INFO['user'];
+    if($INFO['user']) print ' '.format_user($INFO['user']);
     print ')</span> ';

     print '('.$lang['current'].')';
@@ -644,7 +644,7 @@
     print $info['sum'];
     print ' <span class="user">(';
     print $info['ip'];
-    if($info['user']) print ' '.$info['user'];
+    if($info['user']) print ' '.format_user($info['user']);
     print ')</span> ';

     print '<a href="'.wl($ID,"rev=$rev,do=diff").'">';
@@ -673,7 +673,7 @@
     print ' '.htmlspecialchars($recents[$id]['sum']);
     print ' <span class="user">(';
     print $recents[$id]['ip'];
-    if($recents[$id]['user']) print ' '.$recents[$id]['user'];
+    if($recents[$id]['user']) print ' '.format_user($recents[$id]['user']);
     print ')</span>';
     print '</li>';
   }
Index: inc/format.php
===================================================================
--- inc/format.php      (revision 15)
+++ inc/format.php      (revision 17)
@@ -562,4 +562,19 @@
   return false;
 }

+/**
+ *  Extracts common name (CN) from client certificates when displaying user info.
+ *
+ * @author August Zajonc <augustz@augustz.com>
+ */
+function format_user($user) {
+
+        if (strpos($user, '/CN=')) {
+                if (preg_match("|/CN=(.+)/|U", $user, $matches))
+                        return $matches[1];
+        }
+
+               return $user;
+}
+
 ?>

augustz@augustz.com

tips/format_user.txt · Last modified: 2005-10-05 09:55 (external edit)