========================================= Andy's Fannie Authentication Module ========================================= This collection of functions authenticates users and assigns them privileges either individually or in groups. Authentication can be done via SQL, *nix shadow passwords, or LDAP. Privileges are always stored in SQL so the database tables are required. See $FANNIE/auth/doc/ for table structure & API. ========================================= Disabling Authentication ========================================= Not everyone wants or needs authentication. To bypass all authentication checking, create this file: $FANNIE/auth/init.php Content of the file is irrelevant. Removing read permission from $FANNIE/auth/ui/ is probably a good idea from a security standpoint. ========================================= Installation / Setup ========================================= See $IS4C/documentation/Fannie/developer/auth.html for a possibly different procedure. 1. Create a file $FANNIE/auth/init.php This gives you all options without logging in. 2. Go to $FANNIE/auth/ui/menu.php and create a new [SQL] user. Because you're in the init mode, the necessary tables are created automatically. 3. Give your user the authorization "Admin" (with subs "all" and "all"). Admin users can create other users, groups, and alter authorizations. 4. Delete $FANNIE/auth/init.php. Authentication is now enforced; create other users with your admin user as needed. OPTIONAL: Add *nix shadow authentication 5. cd $FANNIE/auth/shadowread make sudo make install OPTIONAL: Add LDAP authentication 6. Edit the setup variables in ldap_login() in login.php. You have to declare where your LDAP host is and how the data is layed out, essentially. The defaults will probably work with openldap's defaults.