This question about Authentication or Authorisation: Asked

Edit request always pops up Login dialog

I'm not sure what I've done to configure things this way. It's never been an issue before now but...

We tend to lock down our Wiki. We (usually) only want registered users to be able to edit). However, we currently have two pages where we'd like to open edit permissions to unregistered, i.e. guest, users.

  • We don't use WYSIWYG editing; that plugin is disabled. So, raw editing only. (Specifically, we want to open the privileges on this page to allow editing of an editable table).
  • We're using Template Login.

No matter what I try, I get a login dialog. There is no entry in the .=htpasswd= file for WikiGuest. Trying to enter just the name without a password, however, fails.

I've tried

   * Set ALLOWTOPICCHANGE = WikiGuest

It puts up a Login dialog.

I've tried

   * Set ALLOWTOPICCHANGE = *

It puts up a Login dialog.

I have
  • restarted Apache
  • removed edit from $Foswiki::cfg{AuthScripts}
  • removed edit, rest, and save from {AuthScripts}
  • checked that {AuthScripts} is not set twice in LocalSite.cfg

It puts up a Login dialog.

I have set sub MONITOR_ACLS { 1 } in Foswiki/Meta.pm (See Question1562). There is no indication that Foswiki is checking access for WikiGuest. Could this be the problem? (If it is, setting DENYTOPICCHANGE to empty should still work, though. Right?)

Something(?) is forcing the login dialog to come up for any edit attempt. Whatever this is has been handy in the past, but I'd like to know what it was.

The URL is

http://wiki.cfcl.com/bin/login/BAAPT/BrainScanning?t=1424155883;nowysiwyg=1;foswiki_origin=GET%2cedit%2c/bin/edit/BAAPT/BrainScanning%3ft%3d1424155883%3bnowysiwyg%3d1

if that's helpful

Any suggestions as to what that might be or where else to look?

LocalSite.cfg

$Foswiki::cfg{UseClientSessions} = 1;
$Foswiki::cfg{Sessions}{ExpireAfter} = '259200';
$Foswiki::cfg{Sessions}{ExpireCookiesAfter} = 0;
$Foswiki::cfg{Sessions}{IDsInURLs} = 0;
$Foswiki::cfg{Sessions}{UseIPMatching} = 0;
$Foswiki::cfg{Sessions}{MapIP2SID} = 0;
$Foswiki::cfg{Sessions}{CookieRealm} = '';
$Foswiki::cfg{Validation}{Method} = 'strikeone';
$Foswiki::cfg{Validation}{ValidForTime} = 3600;
$Foswiki::cfg{Validation}{MaxKeysPerSession} = 1000;
$Foswiki::cfg{Validation}{ExpireKeyOnUse} = 1;
$Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin';
$Foswiki::cfg{AuthScripts} = 'attach,compareauth,manage,previewauth,rdiffauth,rename,restauth,statistics,upload,viewauth,viewfileauth';
$Foswiki::cfg{TemplateLogin}{PreventBrowserRememberingPassword} = 0;
$Foswiki::cfg{LoginNameFilterIn} = '^[^\\s\\*?~^\\$@%`"\'&;|<>\\x00-\\x1f]+$';
$Foswiki::cfg{DefaultUserLogin} = 'guest';
$Foswiki::cfg{DefaultUserWikiName} = 'WikiGuest';
$Foswiki::cfg{AdminUserLogin} = 'admin';
$Foswiki::cfg{AdminUserWikiName} = 'AdminUser';
$Foswiki::cfg{SuperAdminGroup} = 'AdminGroup';
$Foswiki::cfg{UsersTopicName} = 'WikiUsers';
$Foswiki::cfg{UserMappingManager} = 'Foswiki::Users::TopicUserMapping';
$Foswiki::cfg{PasswordManager} = 'Foswiki::Users::HtPasswdUser';
$Foswiki::cfg{MinPasswordLength} = 7;
$Foswiki::cfg{Htpasswd}{FileName} = '$Foswiki::cfg{DataDir}/.htpasswd';
$Foswiki::cfg{Htpasswd}{Encoding} = 'apache-md5';
$Foswiki::cfg{Htpasswd}{AutoDetect} = 1;
$Foswiki::cfg{Register}{AllowLoginName} = 0;
$Foswiki::cfg{Register}{EnableNewUserRegistration} = 1;
$Foswiki::cfg{Register}{NeedVerification} = 0;
$Foswiki::cfg{Register}{DisablePasswordConfirmation} = 0;
$Foswiki::cfg{Register}{HidePasswd} = 1;
$Foswiki::cfg{Register}{RegistrationAgentWikiName} = 'RegistrationAgent';

-- VickiBrown - 17 Feb 2015

I asked about this in IRC. Whatever I'm doing isn't systemic:
gac410
hm, I've never tried guest edit.
Let me see if my 1.1.9 system is working.  I can try it.
Okay,   Foswiki 1.1.9.   AuthScripts.   I removed edit, rest and save.    
Then edited a topic and added  "   * Set DENYTOPICCHANGE =  "     and saved it.     
Then logged out.
Then as guest, hit Edit.  Wysiwyg / TMCE came up fine.
Saved fine.  

-- VickiBrown - 17 Feb 2015

I'm on Foswiki-2.1.2, Plugin API version 2.4 and I'm experiencing the same behaviour.I am currently evaluating Foswiki for our organisation and want to include some other "types of users" in this. Therefore I want to abstain from any registration (as less hassle and much fun as possible for everyone participation).

As I'm new to Foswiki I did not dig into the auth + access control as much as Main.VickiBrown. Do I have to? wink Has anybody experienced the same behaviour? Or has solved this?

-- SimonLüke - 03 Aug 2016

Are you getting a Foswiki template login page, or the Apache HTTP login message? If you think you are logged in, but are still getting promped for a login, maybe your apache config is too restrictive, or you have cookies disabled / blocked that is breaking authentication.

-- GeorgeClark - 03 Aug 2016
 

QuestionForm edit

Subject Authentication or Authorisation
Extension
Version Foswiki 1.1.9
Status Asked
Related Topics
Topic revision: r4 - 03 Aug 2016, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy