Question

I have everything working on my wiki, except it seems to have amnesia when it comes to remembering my username.

Here's my setup: I've enabled login when doing anything but viewing a page (e.g. edit, attach, ...), and in addition, I've set wiki-mediated access control on one web and on the TWikiPreferences and WebPreferences pages (these pages will be called the "proected pages"). I initially defined my TWikiAdminGroup to be my wikiname. My platform information is below.

Here's the problem: After I login, my wikiname is still listed as "guest" (the default wikiname in TWiki.cfg). When I try to edit a non-protected page, it'll ask my for my WikiName and password, accept them without a problem, and let me edit and save a page. But when I try to edit a protected page (which is restricted to a particular group, of which my wikiname is listed as a member), I am not allowed to view/edit/etc. the page.

Because TWiki thinks I'm "guest" no matter what I do, I've had to add Main.guest to TWikiAdminGroup to actually be able to change anything. It makes no difference if I try to create other logins or even use the TWikiGuest login.

I tried setting '$doRememberRemoteUser = "1";' and adding '$rememberUser = "1";' in TWiki.cfg, but these did not work. I've also tried requiring authentication on ALL .cgi scripts by replacing the individual file directives with the following in .htaccess, but this didn't work either.

<Files "*">
       require valid-user
</Files>

Here's my information:

• TWiki testenv: http://www.ocf.berkeley.edu/~morganya/twiki/bin/testenv.cgi
• TWiki version: 01 Feb 2003
• SERVER_SIGNATURE: Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7d Server at www.ocf.berkeley.edu Port 80
• Operating system: Unix (solaris)
• Perl version: 5.00503
• User: morganya (Note: CGI scripts are executing as this user.)

One big problem is that I don't have root access on the machine I'm using (ocf.berkeley.edu), or any other admin privileges. I'm not even allowed to change the user or group of any of my files. Furthermore, it doesn't look like the system actually has an httpd.conf file that it is using. The only copy of httpd.conf I could find on the server, aside from some junk in user directories, was in /opt/local/packages/apache-1.3.23/conf/httpd.conf, which is a pretty weird place for an httpd.conf file, at least in my experience - it makes me suspect that there is no httpd.conf file that the system is using. It is, however, full of stuff, so I'll upload it just in case it's of use. Access.conf is in /etc/apache/access.conf, but it's empty.

I've read over AuthenticationBasicQuestionAllowFromAll, which referred to a similar problem in the comments but didn't give any helpful information on how to resolve it (aside from a vague mention of a $rememberUser variable - did they mean $doRememberRemoteUser? neither worked for me), and also over TWikiOnApache2dot0Hangs, KnownIssues, and many other docs produced through links and Google searches, and I haven't found anything that helped me (I apologize if I've missed the answer somewhere :~)). I'd very much appreciate some help on this problem. Thanks so much!

~Morgan Ames morganya(at)no.spam.ocf.berkeley.edu

• httpd.conf.txt: the httpd.conf file that is likely unused (I added the .txt extension)

Environment

TWiki version:	TWikiRelease01Feb2003
TWiki plugins:	DefaultPlugin, EmptyPlugin, InterwikiPlugin ... just the ones that come pre-installed
Server OS:	Unix (solaris)
Web server:	Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7d
Perl version:	5.00503
Client OS:	WinXP
Web Browser:	Mozilla Firefox 0.8 and IE 6.0

-- TWikiGuest - 08 Jun 2004

Answer

Something is screwing up your login name to wiki name mapping. I don't know what (this is out of my league). When I login on your site instead of being known as 'Main.TWikiGuest' I am 'Main.guest'. See your user page on your site for my notes.

What do these say when before and after you've logged in? (they should change, last one might be blank): %WIKIUSERNAME, %USERNAME, %REMOTE_USER --> TWikiGuest, guest,

(and then try again using the viewauth script: http://twiki.org/cgi-bin/viewauth/Support/AccessProblemRememberLoginWikiName)

-- MattWilkie - 08 Jun 2004

Response

Thanks for your quick response! I've added the variables listed above to the Main page and the Officers page to make it easy to test. (The Officers web is supposed to be protected, but I've added Main.guest to the TWikiAdminGroup as a temporary workaround for these login problems).

Using the view script, I get this both before and after I log in (as MorganAmes), on both the Main and Officer webs:

• You are currently logged in as guest (wikiusername: Main.guest, wikiname: guest, remote username: ).

It's the same on both Firefox 0.8 and IE6. (I know the browser shouldn't make a difference, but sometimes Firefox doesn't really log me out of things when I close my browser or refresh when I ask it to, so I thought I'd try it on IE6 as well just to be safe.)

I realized I had failed to create a viewauth script, so first I created one. Now, using the viewauth script, I get the same results as the view script, both before and after I log in (as MorganAmes), on both the Main and Officers webs:

• You are currently logged in as guest (wikiusername: Main.guest, wikiname: guest, remote username: ).

It should say the above before I log in and the below after I log in:

• You are currently logged in as MorganAmes (wikiusername: MorganAmes, wikiname: MorganAmes, remote username: [probably nothing, since I'm not doing intranet logins]).

It looks like the webserver is just not forwarding the htaccess login information to twiki, ever, even immediately after logging in.

I have a hunch it might be an Apache misconfiguration, but since I don't have the ability to change the Apache server (and the OCF sysadmins generally don't change things, especially in the summer), it'd be great to have some ideas for workarounds.

Thanks again! ~Morgan Ames

P.S. On this twiki server, it shows me as TWikiGuest with an empty %REMOTE_USER before I log in, and as TWikiGuest across the board after I log on as TWikiGuest.

P.P.S. I tried installing first SessionPlugin and then SmartSessionPlugin to see if they would make any difference, but they do not. I just want to clarify that it looks like .htaccess still knows that I've logged in (since it lets me edit pages and use viewauth.cgi without prompting me for a password), but it never passes this information to TWiki. I had a look at the source tonight, and there's a whole bunch of stuff with $remote_user that should never be used on a non-intranet twiki. I just tried adding remote usernames to all of the registered users, on my TWikiUsers page, and it doesn't make any difference.

Here's the contents of the %ENV variable - there's no username-like thing, like I think there should be. It's being printed out at the top of the viewauth.cgi script (http://www.ocf.berkeley.edu/~morganya/twiki/bin/viewauth.cgi), if you want to take a look at it yourself.

SERVER_SOFTWAREApache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7d
GATEWAY_INTERFACECGI/1.1
DOCUMENT_ROOT/opt/www/data
REMOTE_ADDR24.7.99.47
REQUEST_METHODGETQUERY_STRINGHTTP_ACCEPTimage/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
REMOTE_PORT3479
SERVER_ADDR192.58.221.243
HTTP_ACCEPT_LANGUAGEen-us
REDIRECT_UNIQUE_IDgo2wMcA63fMAAFYcbPsAAAAQSCRIPT_
FILENAME/services/http/users/m/morganya/twiki/bin/view.cgi
REDIRECT_STATUS200
HTTP_ACCEPT_ENCODINGgzip, deflate
SERVER_NAMEwww.ocf.berkeley.edu
SERVER_PORT80PATH_TRANSLATED/services/http/users/m/morganya
SERVER_ADMINwww@ocf.berkeley.edu
UNIQUE_IDgo2wMcA63fMAAFYcbPsAAAAQ
SCRIPT_URIhttp://www.ocf.berkeley.edu/~morganya/twiki/bin/view.cgi
REDIRECT_URL/~morganya/twiki/bin/view.cgiSCRIPT_URL/~morganya/twiki/bin/view.cgi
SERVER_SIGNATURE
Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7d Server at www.ocf.berkeley.edu Port 80
SERVER_PROTOCOLHTTP/1.1
HTTP_USER_AGENTMozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
PATH/sbin:/usr/sbin:/usr/bin:/opt/really-local/bin:/usr/ucbTZUS/Pacific
HTTP_CONNECTIONKeep-Alive
REDIRECT_SCRIPT_URIhttp://www.ocf.berkeley.edu/~morganya/twiki/bin/view.cgi
SCRIPT_NAME/~morganya/twiki/bin/view.cgi
REDIRECT_SCRIPT_URL/~morganya/twiki/bin/view.cgi
REQUEST_URI/~morganya/twiki/bin/view.cgi
PATH_INFOHTTP_HOSTwww.ocf.berkeley.eduContent-Type: text/html; charset=ISO-8859-1 

Question

I have exactly the same problem - The TWiki requires you to login to Edit, Attach etc. but the view template always shows me logged in as TWikiGuest. Further one would think that since all Editing requires authentication - there cannot be any topics changed by TWikiGuest , but there seem to be dozens of changes reported as made by TWikiGuest. Any help is appreciated... I apologize if the protocol I am using to raise this issue is incorrect (Env: Apache on Linux, the Sep1-2003 TWiki install ). Thanks.

Response

I went through the same issue to finally realize no cookies were being set in the browser and worked it back from there. Have you verified all the plugin files installed in the correct location, have the .htaccess edit correct and have CGI::Session installed?

MikeGleeson - 11 May 2005