Settings Documentation

Clicking the Login icon on the Admin Panel (see Tiki Config ) takes you to the Login settings.

User Registration and Login Settings

In this section of the admin panel you can setup several settings for your user registration and site security features. The settings are the following ones:


Authentication methodChoose between Tiki, Web server, and Tiki/Pear::Auth. Tiki will use your user database built into Tiki. Web server will use your web server's authentication. Tiki/Pear::Auth is a combination of the Tiki user database and Pear::Auth, which will allow LDAP authentication (and others in future?). See below for Pear settings.
Users can register: If enabled, the login box will display a register link when the user is not logged and the user will have the option to register using a webform. If disabled, each user will need to be setup by an admin.
Request passcode to register: If enabled, you have to enter a password that will be required to let users register into the system. This can be used in sites where users are invited or they receive a passcode after paying a fee or something like that. Semi-private or semi-public sites may enjoy this feature.
Prevent automatic/robot registration:If enabled, it will present the new user with a graphic showing a series of numbers. They will need to key in these numbers before they will be allowed to register.
Validate users by emails: If enabled, then when a user registers Tiki will send the user an email with a link that the user must use to login for the first time. Once logged in using this link, the user will be validated and can login as a regular user. This feature is useful if you as an admin want to be sure that the user email addresses are correct and not fake.
Remind passwords by email: If enabled, then a link to I forgot my password will be displayed in the login box. Users will be able to enter their login names, and Tiki will send them emails with their passwords.
Reg users can change themeIf enabled, registered users can configure the theme.
Reg users can change languageIf enabled, registered users can configure the site's language.
Store plaintext passwordsIf enabled, passwords are stored in the database in clear plaintext; and the remind password feature sends the user his password.
If not enabled, only a hash is stored; and the remind password feature generates a new password and sends that password to the user.
Use challenge-response authenticationIf enabled and the user's browser supports JavaScript, passwords ARE NOT SENT across the network. Instead, a challenge response algorithm is used. Tiki generates a challenge code and the browser sends a response based on the challenge that Tiki verifies to login the user. Challenge responses cannot be reused. This method, if enabled, strongly enforces the security of your user passwords. If you use it you don't need an HTTPs connection for extra security. The drawback to this method is that users will have to enter their email address every time they login. - three boxes to fill in not two.
Force to use chars and numbers in passwordsIf enabled, Tiki will validate user passwords and reject passwords that do not contain both letters and numbers.
Minimum password lengthThe minimum length for a password to be accepted.
Passwords are invalid after n daysTiki will force users to change their passwords after this period.
Allow secure https loginEnable this setting If you want to use an HTTPs connection for login.
HTTP and HTTPs settingsSettings for HTTPs logins. You may have your HTTP and HTTPs server in different URLS/ports.
Remember me feature:If enabled, this will put a Remember me checkbox for the user's login. You will also need to set how long the server will remember them.

Pear::Auth settings

Tiki can authenticate users using a LDAP server via Pear::Auth. The following settings only make sense, if you have set "Authentication method" to "Tiki/Pear::Auth" in the above dialog. Tiki then uses the LDAP server in addition to its own user database (users_users) to authenticate users.


Create user if not in Tiki?If a user was authenticated via LDAP, but not found in the Tiki user database, Tiki will create an entry in its user database if this option is checked. If this option is disabled, this user wouldn't be able to log in
Create user if not in Auth?If a user was authenticated by Tiki's user database, but not found on the LDAP server, Tiki will create an LDAP entry for this user. See Pear::Auth on how an entry is created.
Just use tiki auth for admin?If this option is set, the user "admin" will be authenticated by only using Tiki's user database and not via LDAP. This option has no effect on users other than "admin".
LDAP HostThe hostname or ip address of you LDAP server (usually localhost).
LDAP PortThe port number your LDAP server uses (389 is the default).
LDAP ScopeSearch scope (base = Base object search, one = one-level search, sub = Subtree search (default) ) used during authentication for finding a user on the LDAP server.
LDAP Base DNBase DN of the LDAP server. If you leave this empty, Pear::Auth will try to query your LDAP server for its base DN. Example: dc=my-company,dc=com
LDAP User DNRDN to prepend to the base DN when searching for a user. Example: ou=People will result search in ou=People,dc=my-company,dc=com
LDAP User attributeAttribute that contains the username.
LDAP User OCObject class an entry must have when searching for a user. This is mandatory ! If you dont know what to fill in, use * (an asterix)
LDAP Admin UserDN of the entry to use to bind to the LDAP server for user creation. While authentication works without binding as a privileged DN, creation of an entry usually does not. This admin DN is only used when creating user entries on the LDAP server (i.e. only if the option Create user if not in Auth is checked). Authentication works without an admin DN (Pear::Auth will try to bind using the username/password to authenticate).
LDAP Admin PwdPassword for the above DN.

The LDAP Group and LDAP Member settings are currently not used by Tiki (as of 1.8rc2).


Who is working here generally?


Page last modified on Sunday 13 March 2005 17:33:25 GMT-0000

Upcoming Events

1)  Thu 19 Dec 2019 14:00 GMT-0000
Roundtable Meeting 2019 12

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.