From 2c1e02aa4574f6c264aee6e498da4d0ed6b2ed4b Mon Sep 17 00:00:00 2001 From: "http://www.cse.unsw.edu.au/~willu/" Date: Tue, 29 Jul 2008 23:39:15 -0400 Subject: alternate suggestion --- doc/plugins/contrib/unixauth/discussion.mdwn | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/plugins/contrib/unixauth/discussion.mdwn b/doc/plugins/contrib/unixauth/discussion.mdwn index 7bfdc9665..91c59ff1d 100644 --- a/doc/plugins/contrib/unixauth/discussion.mdwn +++ b/doc/plugins/contrib/unixauth/discussion.mdwn @@ -18,3 +18,5 @@ So I don't think I'll be accepting this plugin into ikiwiki itself.. Thanks for the comments. That's definitely an undesirable interaction between pwauth and ikiwiki; in my current application it wouldn't be a serious problem, but I'd like this plugin to be general-purpose and safe enough for inclusion in ikiwiki. It's the system-users-are-wiki-users idea I'm married to here, not pwauth itself; can you suggest another approach I might take? -- [[schmonz]] + +> Have you considered using [[plugins/httpauth]] and then the appropriate apache module? There are apache modules like [mod_authnz_external](http://unixpapa.com/mod_auth_external.html) that might help. The advantage of these solutions is that they usually make the security implications explicit. -- Will -- cgit v1.2.3