diff options
-rw-r--r-- | doc/todo/htpasswd_mirror_of_the_userdb.mdwn | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/doc/todo/htpasswd_mirror_of_the_userdb.mdwn b/doc/todo/htpasswd_mirror_of_the_userdb.mdwn index 0582a6f7a..e4a411780 100644 --- a/doc/todo/htpasswd_mirror_of_the_userdb.mdwn +++ b/doc/todo/htpasswd_mirror_of_the_userdb.mdwn @@ -1,13 +1,19 @@ [[!tag wishlist]] -Ikiwiki is static, so access control for viewing the wiki must be implemented on the web server side. Managing wiki users and access together, we can currently +Ikiwiki is static, so access control for viewing the wiki must be +implemented on the web server side. Managing wiki users and access +together, we can currently * use [[httpauth|plugins/httpauth/]], but some [[passwordauth|plugins/passwordauth]] functionnality [[is missing|todo/httpauth_feature_parity_with_passwordauth/]]; * use [[passwordauth|plugins/passwordauth]] plus [[an Apache `mod_perl` authentication mechanism|plugins/passwordauth/discussion/]], but this is Apache-centric and enabling `mod_perl` just for auth seems overkill. -Moreover, when ikiwiki is just a part of a wider web project, we may want to use the same userdb for the other parts of this project. +Moreover, when ikiwiki is just a part of a wider web project, we may want +to use the same userdb for the other parts of this project. -I think an ikiwiki plugin which would (re)generate an htpasswd version of the user/passwd base (better, two htpasswd files, one with only the wiki admins and one with everyone) each time an user is added or modified would solve this problem: +I think an ikiwiki plugin which would (re)generate an htpasswd version of +the user/passwd base (better, two htpasswd files, one with only the wiki +admins and one with everyone) each time an user is added or modified would +solve this problem: * access control can be managed from the web server * user management is handled by the passwordauth plugin @@ -15,3 +21,9 @@ I think an ikiwiki plugin which would (re)generate an htpasswd version of the us * htpasswd files can be mirrored on other machines when the web site is distributed -- [[nil]] + +> I think this is a good idea. Although unless the password hashes that +> are stored in the userdb are compatible with htpasswd hashes, +> the htpasswd hashes will need to be stored in the userdb too. Then +> any userdb change can just regenerate the htpasswd file, dumping out +> the right kind of hashes. --[[Joey]] |