#---------------------------------------
# Authentication and authorization
#
#-# Enable to allow superadmin. It is disabled by default as this could be
a
#-# security breach if it were set and you forgot about it. Should only be
enabled
#-# for recovering the Wiki when the rights are completely messed.
xwiki.superadminpassword=system
#-# Authentication type. You can use 'basic' to always use basic
authentication.
# xwiki.authentication=form
#-# Indicate if the authentication has do be done for each request
#-# 0: the default value, authentication is done only once by session.
#-# 1: the authentication is done for each request.
# xwiki.authentication.always=0
#-# Cookie encryption keys. You SHOULD replace these values with any
random string,
#-# as long as the length is the same.
xwiki.authentication.validationKey=totototototototototototototototo
xwiki.authentication.encryptionKey=titititititititititititititititi
#-# Comma separated list of domains for which authentication cookies are
set. This
#-# concerns mostly wiki farms. The exact meaning is that when a user logs
in, if
#-# the current domain name corresponding to the wiki ends with one of the
entries
#-# in this parameter, then the cookie is set for the larger domain.
Otherwise, it
#-# is set for the exact domain name of the wiki.
#-#
#-# For example, suppose the cookiedomains is set to "mydomain.net". If I
log in
#-# on
wiki1.xwiki.com, then the cookie will be set for the entire
mydomain.net
#-# domain, and if I visit
wiki2.xwiki.com I will still be authenticated.
If I log
#-# in on
wiki1.otherdomain.net, then I will only be authenticated on
#-#
wiki1.otherdomain.net, and not on
wiki2.otherdomain.net.
#-#
#-# So you need this parameter set only for global authentication in a
#-# farm, there's no need to specify your domain name otherwise.
#-#
#-# Example:
xwiki.authentication.cookiedomains=xwiki.org,myxwiki.org
xwiki.authentication.cookiedomains=
If I read this correctly the keys aren't at their default, because they
aren't commented out?
I haven't touched the .cfg up to now.
--
View this message in context: