Tags:
create new tag
view all tags

SID-00774: Authentication force viewauth

Status: Answered Answered TWiki version: 4.3.1 Perl version: 5
Category: CategoryAuthentication Server OS: RedHat Linux Last update: 15 years ago

Hi

I want to know if i can force viewauth for a certain topic.

I wrote a modification for access control in twiki, which uses ADFS groups coming from apache environment variables to authenticate.

This works perfect for allow view settings. When i try to restrict an adfs group from viewing, deny view, the user-specific groups won't get called.

I found out that allow view forces viewauth, deny unfortunately not. So the user from the denied groups can still view the topic.

is there a possibility to force viewauth by code? e.g: 

if (checkAccessPermissions{$mode} = 'deny'){
force viewauth
 }

-- AlexBernegger - 2010-03-04

Discussion and Answer

That sounds like something others may want as well. I hope you'll consider Open-Sourcing it when it's working.

Let me check that I understand the question. I ran into a possibly-similar situation with some code I'll be contributing soon to integrate LemonLDAP::NG authentication with TWiki. (It's working on http://wiki.sbay.org/ and several other TWiki sites hosted on the same server.) I needed to make a subclass of TWiki::LoginManager::ApacheLogin to provide a forceAuthentication() function which handled the cases where authentication is required.

I realize this is not yet a complete answer. But let me know if this is in the right direction and we'll keep discussing it.

-- IanKluft - 2010-03-05

Hi Ian,

Yes I'll contribute when it's finished. I think we booth have the same issue. For me, it would be very interesting how you use forceauthentication in your module. I have reused the isInList function in Users.pm to verify the users ADFS groups. Do you think it's possible to force viewauth by reading out the restriction mode from checkAccessPermissions?

-- AlexBernegger - 2010-03-08

-- AlexBernegger - 2010-03-11

Closing this question after more than 30 days of inactivity. Feel free to reopen if needed. Consider engaging one of the TWiki consultants if you need timely help. We invite you to get involved with the community, it is more likely you get community support if you support the open source project!

-- PeterThoeny - 2010-05-02

      Change status to:
ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.
SupportForm
Status Answered
Title Authentication force viewauth
SupportCategory CategoryAuthentication
TWiki version 4.3.1
Server OS RedHat Linux
Web server Apache
Perl version 5
Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2010-05-02 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.