1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
<?php if (!defined('PmWiki')) exit();
/* Copyright 2004-2005 Patrick R. Michaud (pmichaud@pobox.com)
This file is part of PmWiki; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. See pmwiki.php for full details.
This file defines an alternate authentication scheme based on the
HTTP Basic authentication protocol (i.e., the scheme used by default
in PmWiki 1).
*/
## If the webserver has already authenticated someone, then use
## that identifier for our authorization id. We also disable
## the use of the browser's Basic Auth form later, since it tends
## to confuse webservers.
if (IsEnabled($EnableRemoteUserAuth, 1) && @$_SERVER['REMOTE_USER']) {
SDV($EnableHTTPBasicAuth, 0);
SDV($AuthId, $_SERVER['REMOTE_USER']);
}
## If the browser supplied a password, add that password to the
## list of passwords used for authentication
if (@$_SERVER['PHP_AUTH_PW'])
SessionAuth($pagename, array('authpw'=>array($_SERVER['PHP_AUTH_PW'] => 1)));
## $EnableHTTPBasicAuth tells PmWikiAuth to use the browser's
## HTTP Basic protocol prompt instead of a form-based prompt.
if (IsEnabled($EnableHTTPBasicAuth, 1))
SDV($AuthPromptFmt, 'function:HTTPBasicAuthPrompt');
## HTTPBasicAuthPrompt replaces PmWikiAuth's form-based password
## prompt with the browser-based HTTP Basic prompt.
function HTTPBasicAuthPrompt($pagename) {
global $AuthRealmFmt, $AuthDeniedFmt;
SDV($AuthRealmFmt,$GLOBALS['WikiTitle']);
SDV($AuthDeniedFmt,'A valid password is required to access this feature.');
$realm=FmtPageName($AuthRealmFmt,$pagename);
header("WWW-Authenticate: Basic realm=\"$realm\"");
header("Status: 401 Unauthorized");
header("HTTP-Status: 401 Unauthorized");
PrintFmt($pagename,$AuthDeniedFmt);
exit;
}
|
