Authentication and BibORB

Configure the authentication support in BibORB 1.3.3.

Index

Introduction
.htaccess
MySQL
File

Introduction

If BibORB is used in a collaborative way, you will want to define who can add, modify or delete references. Presently, two authentication methods are supported: MySQL and files.

Access restriction using `.htaccess`

You can use .htaccess to restrict the access to BibORB. Create a new .htpasswd file and uncomment the authentication section in .htaccess

AuthName BibORB Restricted Area
AuthType Basic
AuthUserFile /path/to/htpasswd
require valid-user

MySQL authentication

Values to defined in config.php:

/**
 * If TRUE, this will disable authentification.
 * All users will have the administrator status
 */
define("DISABLE_AUTHENTICATION",TRUE);

/**
 * Authentication methods: mysql, files
 * Used if DISABLE_AUTHENTICATION = FALSE
 */
define("AUTH_METHOD",'mysql');

The next step is to correctly set up php/auth_backends/auth.mysql.php. This is done by defining:

/**
    The database configuration
*/
$host = "localhost";
$db = "biborb";
$dbuser = "biborb-admin";
$pass = "biborbdev";
$table = "biborb_users";
$auth_table = "biborb_auth";
$pref_table = "user_preferences"

$host: address of the machine hosting the database.
$db: name of the database.
$dbuser: a valid MySQL user which has access to the database.
$pass: its password.
$table: the table containing valid biborb users and passwords.
$auth_table: the table that defined authorizations for biborb users.
$pref_table: the table that defined biborb users preferences.

data/biborb.sql contains the SQL structure used with the MySQL authentication. Have a look to php/auth_backends/auth.mysql.php for details about the structure of the database.

Files authentication

If you don't want or don't have access to a database, you can configure authorizations using files.