fannie/auth/README
=========================================
Andy's Fannie Authentication Module
=========================================
This collection of functions authenticates
users and assigns them privileges either
individually or in groups. Authentication can
be done via SQL, *nix shadow passwords, or
LDAP. Privileges are always stored in SQL so
the database tables are required. See
$FANNIE/auth/doc/ for table structure & API.
=========================================
Disabling Authentication
=========================================
Not everyone wants or needs authentication.
To bypass all authentication checking,
create this file:
$FANNIE/auth/init.php
Content of the file is irrelevant.
Removing read permission from
$FANNIE/auth/ui/ is probably a good idea
from a security standpoint.
=========================================
Installation / Setup
=========================================
See $IS4C/documentation/Fannie/developer/auth.html
for a possibly different procedure.
1. Create a file $FANNIE/auth/init.php
This gives you all options without logging in.
2. Go to $FANNIE/auth/ui/menu.php and create
a new [SQL] user. Because you're in the
init mode, the necessary tables are created
automatically.
3. Give your user the authorization "Admin"
(with subs "all" and "all"). Admin users
can create other users, groups, and alter
authorizations.
4. Delete $FANNIE/auth/init.php. Authentication
is now enforced; create other users with
your admin user as needed.
OPTIONAL: Add *nix shadow authentication
5. cd $FANNIE/auth/shadowread
make
sudo make install
OPTIONAL: Add LDAP authentication
6. Edit the setup variables in ldap_login()
in login.php. You have to declare where
your LDAP host is and how the data is
layed out, essentially. The defaults
will probably work with openldap's defaults.