blob: 688274d679e4c610fe7e83186d8c43bd48c5c47a (
plain)
I've got a wiki where editing requires [[plugins/httpauth]] (with
cgiauthurl working nicely). I now want to let the general public
edit Discussion subpages, so I enabled [[plugins/anonok]] and set
anonok_pagespec to '*/Discussion' , but HTTP auth is still being
required for those.
(Actually, what I'll really want to do is probably [[plugins/lockedit]]
and a whitelist of OpenIDs in locked_pages ...)
--[[schmonz]]
The only way I can see to support this combination is for httpauth with
cgiauthurl to work more like other actual login types. Which would mean
that on editing a page that needs authentication, ikiwiki would redirect
them to the Signin page, which would then have a link they could follow
to bounce through the cgiauthurl and actually sign in. This would be
significantly different than the regular httpauth process, in which the
user signs in in passing. --[[Joey]]
My primary userbase has grown accustomed to the seamlessness of
httpauth with SPNEGO, so I'd rather not reintroduce a seam into
their web-editing experience in order to let relatively few outsiders
edit relatively few pages. When is the decision made about whether
the current page can be edited by the current user (if any)? What
if there were a way to require particular auth plugins for particular
PageSpecs? --[[schmonz]]
|