Consider the following scenario: You want to have several wikis on the same server and your users only want to login once. For this single-sign-on scenario to work you have to do the following things:
DOKU_COOKIE
in inc/init.php to something that is the same on all instances, for example md5('commoncookie')
. DOKU_COOKIE
is the name of the cookie that is set after a user logs in. In a standard DokuWiki installation it's a hash of the full URL (including the path).setcookie
calls in inc/auth.php
, change DOKU_REL
to '/'
. This ensures that only one cookie is sent to all instances on the server.data/meta/_htcookiesalt
must be the same on all instances. The file gets created when a user first logs in, after that, the content stays the same.conf/users.auth.php
in the “slave” wikis must be a hard link to this file in the “master” wiki. If you have a similar namespace structure or don't need complex ACL setups, you can also share the file conf/acl.auth.php
.There are many other common login feasible like LDAP and Active Directory just search and install
The original instructions said in Step 4, “The file conf/users.auth.php
in the “slave” wikis must be a symlink to this file in the “master” wiki.” When I tried using a symbolic link, I got the error messages,
! User authentication is temporarily unavailable. If this situation persists, please inform your Wiki Admin. ! No ACL setup yet! Denying access to everyone.
I made sure the link was not read-only, and that the permissions were the same as those on a working installation, in particular that the Internet Guest Account has Read and Write permissions. When I used a hard link, the set-up worked as advertised. I have changed the instructions accordingly, even though I don't understand what is going on. –Art Carlson, Max Planck Institute of Biochemistry, Munich, Germany
The reason why symlinks don't work for some users, but do work for others, is that not all web server configs will support following symbolic links. Supporting symbolic links can open up some security problems, so turning off that protection isn't a swell idea