Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
TWiki User Authentication | ||||||||
Line: 8 to 8 | ||||||||
Overview | ||||||||
Changed: | ||||||||
< < | Authentication, or "loging in", is the process by which a user lets TWiki know who they are. | |||||||
> > | Authentication, or "logging in", is the process by which a user lets TWiki know who they are. | |||||||
Authentication isn't just about access control. TWiki uses authentication to identify users so it can keep track of who made changes, and manage a wide range of personal settings. With authentication enabled, users can personalise TWiki and contribute as recognised individuals, instead of ghosts. | ||||||||
Line: 89 to 89 | ||||||||
Apache Login (select =TWiki::LoginManager::ApacheLogin in configure) | ||||||||
Changed: | ||||||||
< < | Using this method TWiki does not authenticate users internally. Instead it depends on the REMOTE_USER environment variable, which is set when you enable authentication in the webserver. | |||||||
> > | Using this method TWiki does not authenticate users internally. Instead it depends on the REMOTE_USER environment variable, which the webserver passes to TWiki when you enable authentication in the webserver (as described in RFC 3875 - "The Common Gateway Interface v1.1"). | |||||||
Changed: | ||||||||
< < | The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules, such as mod_auth_ldap or mod_auth_mysql , you can just plug in directly to them. | |||||||
> > | The advantage of this scheme is that if you have an existing website authentication scheme using Apache modules, such as mod_authnz_ldap or mod_authn_dbd , you can just plug in directly to them. | |||||||
The disadvantage is that because the user identity is cached in the browser, you can log in, but you can't log out again unless you restart the browser. |