Question

hi ! i am a newbie for twiki...having installed twiki...i am able to create new users...but i am still as twikiguest ....how to change to the selected user ....is there a login page for that....also my twiki registration page does not ask to fill passwords

• TWiki version:01 dec 2000
• Web server:apache 1.3.20
• Server OS:SuSe linux

-- TWikiGuest - 28 Jun 2001

Is your TWiki on a secure (SSL) server? -- JonReid - 28 Jun 2001

• [ PeterThoeny - 11 Jul 2001 ] No, just basic authentication.

Answer

Please read the TWikiInstallationGuide. You need to rename TWikiRegistrationPub to TWikiRegistration and enable authentication.

-- PeterThoeny - 28 Jun 2001

This is all very well but you do not say how to do this! What files need to be renamed and where are they? When does one do this step (e.g. after creating a Wiki user or as the guest)? Do you enable authentication before or after creating a Wiki user?

-- BruceEdmonds? - 10 July 2001

I updated the TWikiInstallationGuide to make it more clear:

• Optional: If you are on a non authenticated server (i.e. not using SSL) and you would like to authenticate users:
  • Rename file .htaccess.txt in the twiki/bin directory to .htaccess and change it to your needs. For details consult the HTTP server documentation (for Apache server: [1], [2]).
    • Note: The browser should ask for login name and password when you click on the Edit link. In case .htaccess does not have the desired effect you need to enable it: Add "AllowOverride All" to the Directory section of access.conf for your twiki/bin directory.
  • Copy the TWikiRegistrationPub topic to TWikiRegistration. Do that by either editing the topics in theTWiki04x02 web, or by renaming the .txt and .txt,v files in the twiki/data/TWiki04x02 directory.
    • Note: You can customize the registration form if needed, like deleting or adding input tags. The name="" parameter of the input tags must start with: "Twk0..." (if this is an optional entry), or "Twk1..." (if this is a required entry). This will ensure that the fields are processed correctly.

These two steps are part of the installation and need to be done just once after you are able to edit a topic as a guest user without authentication. Hope this helps.

-- PeterThoeny - 11 Jul 2001

I'm having a similar problem. I've followed the instructions on the updated installation guide for basic authentication. I can create new users, and set a password, but I don't know how to login to any of these existing accounts. Whenever I edit a page I show up as TWikiGuest.

Update: I went through all the steps again (but didn't actually change any settings) and restarted Apache. Now I get prompted to login when attempting to edit a page. Maybe I forgot to restart Apache last time (I'm pretty sure I did but...)

-- MattWilkie - 26 Sep 2001

I don't understand what you mean by this line: The browser should ask for login name and password when you click on the Edit link. In case .htaccess does not have the desired effect you need to enable it: Add "AllowOverride All" to the Directory section of access.conf for your twiki/bin directory

I am having the same problems as others reported here. The .htpassword file does get updated by when I click at Edit, I become TWikiGuest and not promted for login username and password. Is this access.conf file the conf/access.conf (with httpd.conf) file or something else?

-- TWikiGuest - 26 Apr 2002

You can make any updates to httpd.conf, the access.conf file is now deprecated. There should be a <Directory> section for twiki/bin in your httpd.conf, that's where you need the AllowOverride All.

Check that .htaccess is in the twiki/bin directory and that it does not have a '.txt' on the end of the filename, i.e. just .htaccess as the name.

-- RichardDonkin - 27 Apr 2002

The Evil Empire Twiki has posted the code for their login page at EvEm

-- MattWilkie - 17 May 2002

I am another newbie who is trying to get authentication work. I tried everything word by word. I even did the AllowOverride? All in the httpd.conf. Still, I don't get any authentication window when I try to Edit. It just brings up the Edit page. This is really very frustrating. Unless this software becomes easier to install it won't have a chance of adoption outside the little circle here. I have spent several days trying to install this thing. I wonder whether it is really worth it anymore...

-- TWikiGuest - 13 Sep 2002

Your problems may be Apache related rather than due to TWiki - a good book on Apache, or a local expert, would help. TWiki is already widely adopted, but it does make some significant AdminSkillsAssumptions - it's not a point-and-click installation by any means.

One quick hint: did you Copy the TWikiRegistrationPub topic to TWikiRegistration as mentioned above?

It's best if you don't add new issues to existing pages even if they look similar - please read the SupportGuidelines and create a new page with the required information.

-- RichardDonkin - 14 Sep 2002

Did you paste-in the httpd.conf example directly? This sets the directory to /home/httpd/twiki, which may not be the root you have chosen. Testenv passes and all seems ok but authentication fails.

-- SteveBaker - 21 Sep 2002

I've just had the same problem. It seems it was caused because I had not properly set the ErrorDocument in bin/.htaccess file. My wiki site is working now, asking for user and password:

ErrorDocument 401 /twiki/bin/oops/TWiki/TWikiRegistration?template=oopsauth

(Excuse my bad english)

-- TWikiGuest - 11 Feb 2004

Ding! (light bulb here ) It just occurred to me that you just might be able to create a login/out mechanism without using cookies, sessions, and/or without changing the current (relatively straightforward and consistantly working) authorization scheme. To do it, you would need to change the "redirect" within the .httaccess file for error 401 to point to a page which would not return the "401" status. This would prevent the browser's internal authorization page from popping up. (This would work with a mod_rewrite trick or possibly an external link on the Redirect directive). The page you redirected to would be the real login page and have fields to send the userid/password back to the server. Now, all you have do is to figure out how to set the values within the browser's authorization mechanizm to pass back the values in the expected way on each subsequent request. I don't know about other browsers, but for IE 5.5, you can do this, albeit in an ugly way. To make it work, you would first cause the browser to request a page using the full URL with authentication - i.e. http://userid:password@www.somedomain.com/somepage. (This works for GET but I haven't tested POST). You could then immediately redirect again, sans userid/password, to hide the combination from the "address" line in the browser. IE 5.5 will now remember the combination and supply the combination in the HTTP header for each subsequent request, as expected by the authentication protocol.

Maybe it's kind of a hack, but you'd be amazed at the lengths some will take to avoid "eating" cookies and/or resorting to Javascript.

-- TomKagan - 1 Nov 2002

See HowToMakeATWikiLogoutPage if you want to make a logout page.

-- BoudRoukema - 12 Jan 2004

I've installed TWiki, verbatim, through the documentation twice, and I still see problems. First of all, when a user goes to http://myhost.com/twiki, I want the authentication page, not the default page (that has the old URLs, etc). Second, the TWikiInstallationGuide doesn't include important things such as http://twiki.org/cgi-bin/view/TWiki/TWikiDocumentation#Additional_Server_Level_Options and the .htaccess.txt file does NOT have the Redirect line in it.

I think the installation is needlessly complex, where you're editing here, changing there. Why not combine these tasks into a part of the installation through a better script (than the old things provided)? Having information in one place will help others install this with less hassle.

-- ForrestAldrich - 7 Mar 2004

I see the authentication for THIS site works so there's hope! I'm running twiki on RH 8.0 having used an rpm obtained through rpm.pbone.net. It installed in /home/twiki/ with user apache running the scripts -- permissions are correct. I've run through most of the authentication steps ok. Got registration working OK to create user/pw. when I go to /etc/httpd/conf.d/twiki.conf (which seems to be the right place in RH8 -- there's an include in /etc/httpd/conf/httpd.conf to twiki.conf) and look at twiki.conf I see the following. (returns are added, and angle brackets removed, for clarity)

Script Alias /twiki/bin/ "/home/twiki/bin/"

Alias /twiki/ "/home/twiki/"

Re direct /twiki/index.html http://Complexity/twiki/bin/view

Directory /home/twiki/bin

   Options + ExecCGI

   Set Handler cgi-script

   Allow from All

/Directory

Directory "/home/twiki/pub"

   Options Follow SymLinks + Includes

   AllowOverride None

   Allow from All

/Directory

Directory "/home/twiki/data"

   Deny from All

/Directory

Directory "/home/twiki/templates"

   Deny from All

/Directory

(Complexity is a local host -- not ready for prime time yet)

---

OK, so i figure I need to have this:

Directory /home/twiki/bin

   Options +ExecCGI

   Set Handler cgi-script

   AllowOverride All

   Allow from All

/Directory

I restart httpd, point my browser to http://complexity/twiki/bin/view

and when I attempt to edit, an error message comes up (The prior problem posted here was due to a typo in .htaccess)

I'm no longer stumped -- everything works -- another problem in .htaccess was fixed by writing

ErrorDocument 401 /twiki/bin/oops/TWiki/TWikiRegistration?template=oopsauth as indicated above.  The problem is that I thought !URL_path_to_TWiki! had to be absolute, i.e. /home/twiki/ rather then just /twiki/ 

thanks

-- BillBarowy - 13 May 2005