[dokuwiki] Re: Tweaking authentication

Chris Smith writes:

Quick question.

If auth initialisation fails should:
- dokuwiki die immediately with some suitable error message
- carry on without auth, the user would be treated as not logged in, parts of dokuwiki which require auth would not be available[1]
- allow config to specify one or other of the above.

Hmm either the first or the second. I would tend to the second but with a error message ("Authentication currently not available") to let the user know why he can't log in.

Just for understanding: The auth backend could fail only for internal
reasons like the MySQL database being down or something, am I right? If the module it self is non existant or has errors (missing a method for example) I think dying is the correct method of making the admin aware of his wrong
config.

[1] which would require adding (or replacing) $conf['useacl'] checks with isset($auth) , or having auth.php set $conf['useacl'] to 0. Generally, I'd be against modifying a $conf value during operation. In this case it may be suitable. 

I agree, changing the $conf['acl'] var is the easiest method and avoids
breaking anything relying on it (plugins), so here it's suitable.

Apart from this the two auth mods (remove legacy auth support & add canDo() method) are ready to be recorded and sent. 

great :-D

Andi
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts: