Question

I have been unable to keep a separate login for Apache 2 (for general access to TWiki content) and TWiki (for fine-grained access).

For example, I have a user 'twiki' that must be authenticated by Apache before having access to TWiki content. Once I have gained access I then want to login as 'ChrisPurves', but TWiki will only recognise me as user 'twiki'.

Environment

-- ChrisPurves - 27 Mar 2006

Answer

If you answer a question - or have a question you asked answered by someone - please remember to edit the page and set the status to answered. The status is in a drop-down list below the edit box.

With the current code, you can't have separate logins. As soon as TWiki gets a user name from Apache, it considers the session "authenticated" - so it wouldn't ask for another login.

The reason is in Client.pm, around line 202:

    # if we couldn't get the login manager or the http session to tell
    # us who the user is, then let's use the CGI "remote user"
    # variable (which may have been set manually by a unit test,
    # or it might have come from Apache).
    $authUser ||= $twiki->{remoteUser};

You might want to comment out the last line here (though I can't say for sure that this is sufficient). And, of course, you need to enable UseClientSessions and TemplateLogin in /bin/configure, so that your TWiki login is activated.

-- HaraldJoerg - 27 Mar 2006

Works like a charm. Thanks.

-- ChrisPurves - 29 Mar 2006