TIP ModifyLoginPlugin is not installed on Foswiki.org.

Modify Login Plugin

The plugin can modify a login by changing case or stripping all after @

The features for modifying the login name are

  • Change all characters to lower case
  • Change all characters to upper case
  • Strip all characters after a @ including the @

And it describes how to alter the registration topic to ensure login name is in right upper/lower case for the new user. (Manual modification description)

Additionally the plugin enables assigning a login name when specific topics are being viewed.

Plugin Preferences

Plugin preferences are set using configure

The plugin does not have any preferences that can be set in topics.

  • $Foswiki::cfg{Plugins}{ModifyLoginPlugin}{ChangeCase}
    • 'none' means no case conversion is done
    • 'uppercase' means the login name is altered to uppercase
    • 'lowercase' means the login name is altered to lowercase

  • $Foswiki::cfg{Plugins}{ModifyLoginPlugin}{StripAfterAtsign}
    • Enabled means strips all characters after a @ including the @

  • $Foswiki::cfg{Plugins}{ModifyLoginPlugin}{MapPathToUser}
    • A list of paths that maps to special users

Ensure correct case at registration

The plugin does not alter the login used when you register

To ensure people do not register with the wrong case go to the UserRegistration topic (normally UserRegistration and find the line that says

   * Set BESPOKE_AUTH = <tr><td align=\"right\"> %MAKETEXT{"(how you log in) LoginName:"}% </td><td><input %NOREGISTRATION% type=\"text\" name=\"Twk1LoginName\" size=\"40\" class=\"foswikiInputField\" value=\"%REMOTE_USER%\" /> =<span class='foswikiAlert'>*</span>= </td></tr>

and change it to this if you want to change to lowercase

   * Set BESPOKE_AUTH = <tr><td align=\"right\"> %MAKETEXT{"(how you log in) LoginName:"}% </td><td><input %NOREGISTRATION% type=\"text\" name=\"Twk1LoginName\" size=\"40\" class=\"foswikiInputField\" value=\"%REMOTE_USER%\" onblur=\"this.value = this.value.toLowerCase();\" /> =<span class='foswikiAlert'>*</span>= </td></tr>

or to this for uppercase

and change it to this if you want to change to lowercase

   * Set BESPOKE_AUTH = <tr><td align=\"right\"> %MAKETEXT{"(how you log in) LoginName:"}% </td><td><input %NOREGISTRATION% type=\"text\" name=\"Twk1LoginName\" size=\"40\" class=\"foswikiInputField\" value=\"%REMOTE_USER%\" onblur=\"this.value = this.value.toUpperCase();\" /> =<span class='foswikiAlert'>*</span>= </td></tr>

Modify the login/user name based on the URL path

The plugin allows hardcoded mappings to a specific username based on the topic being viewed.

This allows the administrator to create a very controlled "back door" typically used to lookup information without authentication.

The typical use case is:

  • You have a Foswiki installation where guest access is by default disabled. Ie. all webs have DENYWEBACCESS = WikiGuest
  • And/or you always want normal viewing of topics to happen as an authenticated user. This can be because the views or default values in entry fields depend on the user being authenticated
  • You need one special topic with a SEARCH to work without authentication. E.g. a topic that lookup information in a web used as a database wiki application and return it as XML. This topic is used by an external program that cannot authenticate
  • The Foswiki installation is setup with a single sign on authentication (e.g. a corporate LDAP) and you cannot create an authenticated service account.

You can now do the following.

  • Register a special user for the purpose. E.g create a user with the login dbuser and WikiName DatabaseUser
  • Create the query topic that contains the SEARCH or QUERY that fetch the information from the database topics. Make sure this topic has a ALLOWTOPICCHANGE setting to prevent hackers from modifying the topic and abuse it as a back door. E.g. We create a topic called /Databaseweb/QueryTopic
  • In configure you find the settings for the ModifyLoginPlugin and map this topic to the dbuser by setting the {Plugins}{ModifyLoginPlugin}{MapPathToUser} to.
       {
         '/Databaseweb/QueryTopic' => 'dbuser'
       }
       

Other use cases can be that you have a web which is view restricted to a specific group because the topics contain confidencial information. But you would like to be able to create a SEARCH that returns the content of a few formfields that do not contain any sensitive information. You can now do the following.

  • Again create this special user
  • Add this special user to the group that has access to the confidencial web.
  • Create a topic containing a SEARCH that return the information from the formfields that are not sensitive.
  • Protect this topic against changes from others. Make sure the special user does not get edit rights either.
  • Map this special topic to the special user in {Plugins}{ModifyLoginPlugin}{MapPathToUser}

Note that if you are already logged in and you are a member of the AdminGroup the plugin will not change your login name. This enables the admin to put an ALLOWTOPICCHANGE in the special topic and still be able to edit this topic.

Installation

You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server.

Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install".

If you have any problems, or if the extension isn't available in configure, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help.

Plugin Info

Change History:  
30 Jul 2015 (2.1) Foswiki:Main.OlivierRaginel - prevent changing already authenticated admin
24 Mar 2011 (2.0) Added the feature that can map a /web/topic path to a special username
24 Feb 2010 (1.0) Initial release

Topic revision: r4 - 30 Jul 2015, KennethLavrsen - This page was cached on 24 May 2016 - 08:19.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License