[pmwiki-users] RSS feeds and passwords
jhaupt at gmail.com
Mon Nov 12 11:47:18 CST 2007
On Nov 12, 2007 11:10 AM, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> It depends on what you mean by "encrypted password". No matter
> the form of the password (encrypted or cleartext), anyone who is
> able to obtain the authpw= parameter of the url would be able to use
> that value to access the RSS feed.
> It is possible, however, to set up RSS-only passwords -- i.e.,
> passwords that provide access to the RSS feed(s) but not to
> anything else.
Yeah, but they wouldn't have the actual password, so they wouldn't be
able to use the encrypted value for anything but the RSS, right? I
mean, you couldn't then use the encrypted value to edit a page, for
The nice thing about this approach is that the password may have read
access to some (but not all) pages, simply through the usual way. If
you create a RSS-only password, how would you ensure that someone with
this password only had access to x page and not y or z? You'd have to
specify this somehow, and that seems like it'd be duplicating
work--unless there was a way to tie it to another (read) password.
More information about the pmwiki-users