Security Variables

$DefaultPasswords (not documented yet) $EnablePostAttrClearSession
A switch to control whether or not changing a page's attributes causes any existing passwords to be forgotten. The default is that changing attributes forgets any passwords entered; this can be changed by setting $EnablePostAttrClearSession to zero. $HandleAuth
This sets the required authentication Level that is necessary to perform an action. When using the following example in your config.php you need to be authenticated as editor in order to view the page history:
        $HandleAuth['diff'] = 'edit';  $PageAttributes
Set the string showed on the attributes page when entering a password for an action.
$AuthLDAPBindDN For sites using AuthUser with LDAP authentication, this specifies the distinguished name (DN) to be used to bind to the LDAP server to check identity. $AuthLDAPBindPassword
For AuthUser with LDAP authentication, this specifies the password used for binding (in conjunction with \$AuthLDAPBindDN above).