[Pmwiki-users] Easily Hackable?

Patrick R. Michaud pmichaud
Thu Apr 1 18:18:53 CST 2004


On Thu, Apr 01, 2004 at 03:08:13PM -0700, H. Fox wrote:
> Here are a few advantages I perceive for using .htaccess vs. PmWiki's 
> built-in authentication.
> - Access restrictions may be common with other pages outside the wiki.
> - Groups (of users) may be defined, allowing each individual to
>   have their own password.
> - Author tracking may be forced.

It would be no problem to have PmWiki use Apache's htpasswd files as 
a source of usernames/passwords (via HTTP Basic authentication).  
This could even be done without having to set up .htaccess files--
i.e., the user would be prompted for a username/password only 
when attempting an operation that requires authorization.
This is in contrast to setting up authentication with .htaccess files,
which requires authentication for all access to pages, including
browsing.

If anyone is interested in a script to make use of htpasswd files for
username/passwords, let me know and I'll write one for the cookbook.

Pm




More information about the pmwiki-users mailing list