We have an intranet wiki running 1.27 from tarball. I just installed the previous version of GoogleLogin (0.3.1, because automatic account creation works and it doesn't in 0.4). So you now need Google Login on one of our whitelisted GApps domains to read it, let alone edit it.
What we want is to make this available on the public Internet (SSL of course) so that workers in our international offices can use it, if they're logged into their work Google account. This is pretty much the "hard shell, tasty soft centre" security model. Is this a desperately unsafe thing to do? Has anyone else done this or something like it? (We could put basic auth in front of it as well, but this is for the sort of non-technical worker who this would desperately confuse. We probably can't lock it to given IP ranges either.) - d. _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
