blob: 0582a6f7a88b11f8f3b33acc6ea85ccf2b543628 (
plain)
[[!tag wishlist]]
Ikiwiki is static, so access control for viewing the wiki must be implemented on the web server side. Managing wiki users and access together, we can currently
- use [[httpauth|plugins/httpauth/]], but some [[passwordauth|plugins/passwordauth]] functionnality [[is missing|todo/httpauth_feature_parity_with_passwordauth/]];
- use [[passwordauth|plugins/passwordauth]] plus [[an Apache
mod_perl authentication mechanism|plugins/passwordauth/discussion/]], but this is Apache-centric and enabling mod_perl just for auth seems overkill.
Moreover, when ikiwiki is just a part of a wider web project, we may want to use the same userdb for the other parts of this project.
I think an ikiwiki plugin which would (re)generate an htpasswd version of the user/passwd base (better, two htpasswd files, one with only the wiki admins and one with everyone) each time an user is added or modified would solve this problem:
- access control can be managed from the web server
- user management is handled by the passwordauth plugin
- htpasswd format is understood by various servers (Apache, lighttpd, nginx, ...) and languages commonly used for web development (perl, python, ruby)
- htpasswd files can be mirrored on other machines when the web site is distributed
-- [[nil]]
|
