data/TWiki/TWikiLoginManagerApacheLoginDotPm.txt
author Colas Nahaboo <colas@nahaboo.net>
Sat, 26 Jan 2008 15:50:53 +0100
changeset 0 414e01d06fd5
permissions -rw-r--r--
RELEASE 4.2.0 freetown
colas@0
     1
---+ Package =TWiki::LoginManager::ApacheLogin=
colas@0
     2
colas@0
     3
This is login manager that you can specify in the security setup section of
colas@0
     4
[[%SCRIPTURL{"configure"}%][configure]]. It instructs TWiki to
colas@0
     5
cooperate with your web server (typically Apache) to require authentication
colas@0
     6
information (username & password) from users. It requires that you configure
colas@0
     7
your web server to demand authentication for scripts named "login" and anything
colas@0
     8
ending in "auth". The latter should be symlinks to existing scripts; e.g.,
colas@0
     9
=viewauth -> view=, =editauth -> edit=, and so on.
colas@0
    10
colas@0
    11
See also TWikiUserAuthentication.
colas@0
    12
colas@0
    13
Subclass of TWiki::LoginManager; see that class for documentation of the
colas@0
    14
methods of this class.
colas@0
    15
colas@0
    16
colas@0
    17
%TOC%
colas@0
    18
colas@0
    19
---++ ClassMethod *new* <tt>($session)</tt>
colas@0
    20
colas@0
    21
Construct the ApacheLogin object
colas@0
    22
colas@0
    23
colas@0
    24
colas@0
    25
---++ ObjectMethod *forceAuthentication* <tt>() -> boolean</tt>
colas@0
    26
colas@0
    27
method called when authentication is required - redirects to (...|view)auth
colas@0
    28
Triggered on auth fail
colas@0
    29
colas@0
    30
colas@0
    31
colas@0
    32
---++ ObjectMethod *loginUrl* <tt>() -> $loginUrl</tt>
colas@0
    33
colas@0
    34
TODO: why is this not used internally? When is it called, and why
colas@0
    35
Content of a login link
colas@0
    36
colas@0
    37
colas@0
    38
colas@0
    39
---++ ObjectMethod *login* <tt>($query,$twiki)</tt>
colas@0
    40
colas@0
    41
this allows the login and logon cgi-scripts to use the same code. 
colas@0
    42
all a logon does, is re-direct to viewauth, and apache then figures out 
colas@0
    43
if it needs to challenge the user
colas@0
    44
colas@0
    45
colas@0
    46
colas@0
    47
---++ ObjectMethod *getUser* <tt>() -> $authUser</tt>
colas@0
    48
colas@0
    49
returns the userLogin if stored in the apache CGI query (ie session)
colas@0
    50
colas@0
    51