[dokuwiki] htaccess with dokuwiki 2006-11-06 fails

  • From: Jon Buckingham <jon.buckingham@xxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Thu, 30 Nov 2006 17:35:30 +0000

Hi,

In upgrading from 2006-03-09d to 2006-11-06 I find authentication
via htaccess is not working.

I am using apache to do LDAP authentication, and then
htaccess class 
(http://wiki.splitbrain.org/wiki:tips:htaccessauth#the_htaccess_class)
to get authenticated users from apache.

It worked just fine for 2006-03-09d!

The dokuwiki 2006-11-06 symptom is...

   Permission Denied
   Sorry, you don’t have enough rights to continue. Perhaps you forgot to login?

In apache's ssl_error_log I get lots of the following...

[client 15.144.122.122] PHP Warning:  Illegal offset type in 
/home/wwwrnd/public_html/dokuwiki-2006-11-06/inc/auth.php on line 384
[client 15.144.122.122] PHP Warning:  Illegal offset type in 
/home/wwwrnd/public_html/dokuwiki-2006-11-06/inc/auth.php on line 389
[client 15.144.122.122] PHP Warning:  Illegal offset type in 
/home/wwwrnd/public_html/dokuwiki-2006-11-06/inc/auth.php on line 394

Looking in auth.php I see ...

auth.php (2006-11-06)
---------------------
(lines 384, 389, 394 **)

  function auth_nameencode($name,$skip_group=false){
    global $cache_authname;
    $cache =& $cache_authname;

**  if (!isset($cache[$name][$skip_group])) {
      if($skip_group && $name{0} =='@'){
        $cache[$name][$skip_group] = 
'@'.preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e',
                                                      
"'%'.dechex(ord('\\1'))",substr($name,1));
      }else{
**      $cache[$name][$skip_group] = 
preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e',
                                                  
"'%'.dechex(ord('\\1'))",$name);
      }
    }

**  return $cache[$name][$skip_group];
  }

auth.php (2006-03-09d)
----------------------
function auth_nameencode($name,$skip_group=false){
  if($skip_group && $name{0} =='@'){
    return '@'.preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e',
                            "'%'.dechex(ord('\\1'))",substr($name,1));
  }else{
    return preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e',
                        "'%'.dechex(ord('\\1'))",$name);
  }
}


Assuming the fault lies in the parameter $name,
Looking back in the code, it appears that auth_nameencode() is called with 
$name set
to $_SERVER['REMOTE_USER'].

From the debug output, REMOTE_USER is set to "jon.buckingham_hp.com" (seems 
reasonable)
for both 2006-03-09d and 2006-11-06 dokuwiki's.

Relevant local.php configs are...

$conf['authtype']    = 'htaccess';       //which authentication backend should 
be used
$conf['useacl']      = 1;                //Use Access Control Lists to restrict 
access?
$conf['openregister'] = 0;               // Since you are using Basic HTTP 
Registration, i think openregister will not work .
$conf['htaccess_defaultgrp'] = "guest";
if (isset($_SERVER['PHP_AUTH_USER']) and 
!isset($_SESSION[$conf['title']]['auth']['info'])) $_REQUEST['u'] = 
$_SERVER['PHP_AUTH_USER'];


Any ideas?

Thanks,

Jon B
-- 
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts:

  • » [dokuwiki] htaccess with dokuwiki 2006-11-06 fails
  1. Home
  2. dokuwiki
  3. Archive
  4. 11-2006