you say you use basic auth? this would mean the browser sends the user on every request until you tell it not to.
therfor log out would be a browser thing, to my knowledge only firefox offers an add on "web developer" where you can go to "miscellaneous - clear private data - http authentication". On 6/12/07, Geoff Mayes <[EMAIL PROTECTED]> wrote: > Hi again Thomas, > > Thank you very much for continuing to look into this. I am pleased to report > that HTTP Authentication is now working with MoinMoin! > > Per your questions I was prompted to rethink the way the http auth and the > wiki directories, and symlinked directories, were specified in Apache. What > I found out was that the <Location /> directive used by authz_ldap.conf to > lock down a directory had to match the directory specified in the Virtual > Host container which pointed to where the moin.fcg or moin.cgi script was > located (which I'm guessing then allows these two scripts to pick up the > REMOTE_USER and AUTH_TYPE environment variables). > > That is, when http auth was not working, it was because my location looked > like "<Location /wiki>" while the RewriteRule in the Virtual Host container > was for the "/" (root) directory -- "Rewrite Rule ^(.*)$ > /wiki/server/moin.fcg$1". When I changed the location directive to > "<Location />" so it matched the rewrite rule and restarted Apache, I could > log into MoinMoin via authz_ldap and MoinMoin displayed my username up top > and auto-created my profile. > > Now if there was only a way that users could gracefully and easily (instead > of clearing their cache or closing their browser) log out of their http > authenticated session ... > > Thank you again Thomas. > > Kind regards, Geoff > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Thomas Waldmann > > Sent: Monday, June 11, 2007 5:59 AM > > To: [email protected] > > Subject: Re: [Moin-user] http authentication works with > > Apache butnot MoinMoin > > > > > Yes. If /test contains htdocs/ underlay/ server/ and data/, should > > > Apache require http auth on the /test directory or one of > > the other directories? > > > > > >> Does the above mean you put data/ under documentroot? > > > > > > No. > > > > Apache should not access anything else than moin.cgi (or moin.fcg or > > ...) and the htdocs (css, img, js) stuff. > > > > Under no circumstances apache should (give) access (to) data/ > > directory. > > > > > "User_autocreate = True" will create a new user preferences > > file for a > > > user that hasn't logged in before and will load an existing > > file for a > > > user who has logged in prior, and all this will work with http auth? > > > > It should. > > > > > I verifed the AUTH_TYPE and REMOTE_USER environment > > variables by http > > > auth protecting a different directory and then accessing a > > script in > > > that directory, which prints out all %ENV variables: > > > > > > AUTH_TYPE = Basic > > > REMOTE_USER = gmayes > > > > Does this also work when you name your script moin.cgi and > > put it into the same place as the real moin.cgi is? > > > > If yes, please change the auth.py to read: > > > > def http(...): > > ... > > elif not isinstance(request, RequestCLI): > > env = request.env > > request.log(repr(env)) <- add this line > > ... > > > > And then look into your log. You can add more request.log() > > calls at other places to see why it does not work for you. > > > > > > -------------------------------------------------------------- > > ----------- > > This SF.net email is sponsored by DB2 Express > > Download DB2 Express C - the FREE version of DB2 express and take > > control of your XML. No limits. Just data. Click to get it now. > > http://sourceforge.net/powerbar/db2/ > > _______________________________________________ > > Moin-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/moin-user > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Moin-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/moin-user > ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Moin-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/moin-user
