summaryrefslogtreecommitdiff
path: root/doc/plugins/passwordauth/discussion.mdwn
blob: 8ae960edd149238a4aaeb74bdb15165cfb19f8fc (plain) 
It's a bit inconvenient that one also has to type in the
Login - Confirm Password if one only wants to change
the Preferences -- Subscriptions.  --[[tschwinge]]




You don't. The password fields on the preferences fields are only needed
if you want to change your password and should otherwise be left blank.
--[[Joey]]








Aha, then the problem is Firefox, which is automatically filling the
Password field with its previous value, but not filling the
Confirm Password one.  --[[tschwinge]]






easy access to the userdb for apache auth?


My use case is:


    

  • restricted ikiwiki
    • 

  • read/edit only allowed from the local network (done with apache restrictions)
    • 

  • edit only for people authenticated (done with vanilla ikiwiki passwordauth)
    • 



I would like to allow people to read/edit the wiki from outside of the
local network, if and only if they already have an ikiwiki account.


[[httpauth]] doesn't fit since it doesn't allow anonymous local users
to create their own account. I want a single, local, simple auth
database.


My (naïve?) idea would be:


    

  • keep the [[passwordauth]] system
    • 

  • provide a way for Apache to use the userdb for authentication if
people want to connect from outside
    • 



I looked at the various auth modules for apache2. It seems that none
can use a "perl Storable data" file. So, I think some solutions could
be:


    

  • use a sqlite database instead of a perl Storable file

      

    • can be used with
mod_auth_dbd
      • 

    • requires a change in ikiwiki module [[passwordauth]]
      • 

    

    • 

  • use an external program to read the userdb and talk with
mod_auth_external

      

    • requires the maintainance of this external auth proxy over ikiwiki
userdb format changes
      • 

    • (I don't know perl)
      • 

    

    • 

  • include this wrapper in ikiwiki

      

    • something like ikiwiki --auth user:pass:userdb check the
user:pass pair in userdb and returns an Accept/Reject flag to
Apache
      • 

    • requires a change in ikiwiki core
      • 

    • still requires
mod_auth_external
      • 

    

    • 

  • do it with Apache perl sections

      

    • (I don't know perl)
      • 

    

    • 



Any opinion/suggestion/solution to this is welcome and appreciated.


--
[[NicolasLimare]]
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 17:37:07 +0000