response

author: http://www.google.com/profiles/schmonz <http://www.google.com/profiles/schmonz@web> 2010-01-05 00:29:37 +0000
committer: Joey Hess <joey@finch.kitenet.net> 2010-01-05 00:29:37 +0000
commit: 3e6331127b57fe4f3e48d3cf10536b2f2b70eefb (patch)
tree: f14cc24eae7f9faf0209209ef8ec23d8ba696ed1 /doc
parent: ae493178cf58cf5d7edfa30ccabe758b06febcb4 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/bugs/anonok_vs._httpauth.mdwn b/doc/bugs/anonok_vs._httpauth.mdwn
index d63e365c1..688274d67 100644
--- a/doc/bugs/anonok_vs._httpauth.mdwn
+++ b/doc/bugs/anonok_vs._httpauth.mdwn
@@ -16,3 +16,11 @@ and a whitelist of OpenIDs in `locked_pages`...)
 > to bounce through the cgiauthurl and actually sign in. This would be
 > significantly different than the regular httpauth process, in which the
 > user signs in in passing. --[[Joey]]
+
+>> My primary userbase has grown accustomed to the seamlessness of
+>> httpauth with SPNEGO, so I'd rather not reintroduce a seam into
+>> their web-editing experience in order to let relatively few outsiders
+>> edit relatively few pages. When is the decision made about whether
+>> the current page can be edited by the current user (if any)? What
+>> if there were a way to require particular auth plugins for particular
+>> PageSpecs? --[[schmonz]]
author	http://www.google.com/profiles/schmonz <http://www.google.com/profiles/schmonz@web>	2010-01-05 00:29:37 +0000
committer	Joey Hess <joey@finch.kitenet.net>	2010-01-05 00:29:37 +0000
commit	3e6331127b57fe4f3e48d3cf10536b2f2b70eefb (patch)
tree	f14cc24eae7f9faf0209209ef8ec23d8ba696ed1 /doc
parent	ae493178cf58cf5d7edfa30ccabe758b06febcb4 (diff)