Brett Fountain wrote:
Hello ~I want to DokuWiki to use external cookie authentication: considering someone "authenticated" if they have certain cookies (name, email, groups) already set when they come to the wiki. If they don't yet have those cookies set, I want the wiki to bump them to a URL where they'll be authenticated. Seems easy enough, eh?I don't want to manage wiki users, I don't want to create/delete users (or have the wiki doing it), I don't want there to be any usernames or passwords to deal with -- nothing. If a user comes to the wiki with a cookie that says they're in the editors group, then fine, they are. DokuWiki lets them have those editing permissions, and stamps their name/email on whatever they edit, again, based on what their cookie said for their name/email.
Hi Brett,You might wish to reconsider this. Most browsers can be configured so they will only return cookies to the server that set them. So your wiki will never see those authentication cookies from the other server. This is a natural form of protection developed to protect from scripts that invoke hidden cross site links in order to plant a virus on your computer.
Bob McConnell N2SPP -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist