[Pmwiki-users] Re: Basic HTTP authentication
Fri Jul 23 12:29:14 CDT 2004
On Jul 23, 2004, at 2:00 PM, Pmwiki-users-request at pmichaud.com wrote:
> Which brings up a good topic -- if we're going to have to be using PHP
> sessions anyway, is there any real reason to keep Basic HTTP
> authentication as the default for PmWiki? There are enough systems
> around that don't support HTTP authentication in PHP that it might be
> worth defaulting to session-based authentication in the distribution
> and leaving HTTP Basic authentication as a configurable option.
Well as long as HTTP authentication remains optional...OK
My use of HTTP authentication is to prevent people from downloading
non-php files (e.g. uploaded word docs, excel files, etc) previously
uploaded into password-protected wiki areas.
As a pmwiki newbie, I don't know the status of pmwiki with regard to
restricting access to uploaded files. But I have exactly this problem
on my own cobbled together (non-pm) wiki. I have password protected
(non-pm) wiki areas that work just fine. But as soon as I added file
upload features (MSoffice documents, PDF, etc), I had to enable HTTP
authentication on the file upload directories and then ensure that the
various wiki and HTTP passwords are kept in sync.
More information about the pmwiki-users