version=pmwiki-2.2.0 ordered=1 urlencoded=1
agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.19) Gecko/20081216 Ubuntu/8.04 (hardy) Firefox/2.0.0.19
author=Petko
charset=ISO-8859-1
csum=mv question to talk
ctime=1156512569
host=81.65.14.164
name=PmWiki.SecurityVariables
rev=26
targets=PmWiki.AuthUser,PmWiki.PasswordsAdmin,PmWiki.Security
text=(:Summary:variables crucial for site security:)%0a%0a:$AuthUserFunctions: (Present only when the in-built [[AuthUser]] username/password functionality is used).  An array of different authentication mechanisms to be used for user authentication.  Array keys are a tag for the mechanism; values are a function callback that will be called with the properties $pagename, $id, $password, and $pwlist.  Oh... could someone else make this make sense, please?!%0a%0a:$DefaultPasswords: Specifies default passwords for user admin or actions (edit, read, upload). See [[PmWiki/PasswordsAdmin#settingsitewidepasswords]].%0a%0a:$EnablePostAttrClearSession:A switch to control whether or not changing a page's attributes causes any existing passwords to be forgotten. The default is that changing attributes forgets any passwords entered; this can be changed by setting $EnablePostAttrClearSession to zero.%0a%0a:$EnableSessionPasswords: Control whether passwords are saved as part of the session.  If set to zero, then session passwords are never saved (although any [[AuthUser]] authentications are still remembered).%0a%0a:$SessionEncode: Function to use to encode sensitive information in sessions.  Set this to NULL if you want to not use any encoding.  (See also $SessionDecode below.)%0a%0a:$SessionDecode: Function to reverse the decoding given by $SessionEncode above.  Set this to NULL if sensitive session values are not encoded.%0a%0a:$HandleAuth:This sets the required authentication Level that is necessary to perform an action. When using the following example in your @@config.php@@ you need to be authenticated as editor in order to view the page history:%0a        $HandleAuth['diff'] = 'edit';%0a%0a:$PageAttributes:Set the string shown on the attributes page when entering a password for an action.%0a%0a:$AuthLDAPBindDN:For sites using [[AuthUser]] with LDAP authentication, this specifies the distinguished name (DN) to be used to bind to the LDAP server to check identity.%0a%0a:$AuthLDAPBindPassword:For [[AuthUser]] with LDAP authentication, this specifies the password used for binding (in conjunction with $AuthLDAPBindDN above).%0a%0a:$EnablePublishAttr:Adds a new "publish" authorization level to distinguish editing of drafts from publishing - See $EnableDrafts.%0a%0aSee also:%0a* [[Security]]%0a* $EnablePageListProtect%0a%0a
time=1234653712