On 2007-06-24 Tegan Dowling is rumoured to have said:
> I would be interested in how other admins do this or if there
> are any "best practices" recommendations...
>
> A simple text file on one's own box?
> A protected page on the wiki?
>
>
> Good question -- I'd be interested in hearing what others do, too. I have an
> Admin wikigroup, which requires an admin password to read. One of its pages
> contains the following:

For the wikis that I really want to protect, I use Apache Basic Authentication. On the web server there is a password file (usually named .htpasswd) that Apache uses for authenticating users. The passwords are encrypted.

Because I have very tight control over a relatively small group of users, I keep a handwritten list of usernames and passwords in clear text. This list is hidden in my office.

As Tegan said, I highly doubt this could be considered a "best practice". But it is unhackable from the net. ;-)

Once the users are authenticated, I use the native authuser mechanism to grant access to particular pages. So on the Site.AuthUser page I have a list of groups like so:

@Group1: Neil, Patrick, Tegan
@Group2: Neil, Patrick, Alice, Bob, Chuck
@Group3: Neil, Jim, Kyle, Linda

... and so on.

Just to add excitement and confusion to the whole mess, I actually use the AuthUser groups to grant access to particular page groups. So, for example, on the page:

PageGroupA/GroupAttributes?action=attr

I set the read attribute to one or more of the AuthUser groups, such as @Group2.

This has served me very well for several years now.

--
Neil Herber
Corporate info at http://www.eton.ca/
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
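
Added example, not part of the original message or of PmWiki: a small audit that cross-checks an .htpasswd file against the "@Group: user, user" lines of Site.AuthUser as described above. The file contents, the hash values and the user Zed are constructed; the schemes flagged are the ones the Apache htpasswd documentation calls insecure (crypt(), SHA-1, plaintext).

```python
import re

# Constructed sample inputs; every hash value below is a made-up placeholder.
HTPASSWD = """\
Neil:$2y$10$CONSTRUCTEDsaltCONSTRUCTEDhashCONSTRUCTEDhashCONSTRUC
Patrick:$apr1$CONSTRUC$CONSTRUCTEDhash0000000
Tegan:{SHA}CONSTRUCTEDhash000000000000=
Alice:CONSTRUCTED01
Zed:$2y$10$CONSTRUCTEDsaltCONSTRUCTEDhashCONSTRUCTEDhashCONSTRUC
"""
AUTHUSER = """\
@Group1: Neil, Patrick, Tegan
@Group2: Neil, Patrick, Alice, Bob, Chuck
"""
PREFIXES = [("$2y$", "bcrypt"), ("$apr1$", "apr1-md5"), ("{SHA}", "sha1-unsalted")]
INSECURE = {"sha1-unsalted", "des-crypt", "unknown-or-plaintext"}

def hash_scheme(h):
    """Classify one .htpasswd password field by its storage scheme."""
    for prefix, name in PREFIXES:
        if h.startswith(prefix):
            return name
    if re.fullmatch(r"[./0-9A-Za-z]{13}", h):  # traditional 13-char crypt()
        return "des-crypt"
    return "unknown-or-plaintext"

def parse_htpasswd(text):
    """Map each user in 'user:hash' lines to the scheme of its hash."""
    rows = (l.strip().split(":", 1) for l in text.splitlines() if ":" in l)
    return {user: hash_scheme(pw) for user, pw in rows}

def parse_groups(text):
    """Map '@Group' to its member list, using the format shown in the message."""
    groups = {}
    for line in text.splitlines():
        m = re.match(r"\s*(@\w+)\s*:\s*(.*)", line)
        if m:
            groups[m.group(1)] = [u.strip() for u in m.group(2).split(",") if u.strip()]
    return groups

def audit(htpasswd_text, authuser_text):
    """Report weakly stored passwords and mismatches between the two lists."""
    users = parse_htpasswd(htpasswd_text)
    members = {u for ms in parse_groups(authuser_text).values() for u in ms}
    return {
        "insecure_hash": sorted(u for u, s in users.items() if s in INSECURE),
        "no_password_entry": sorted(members - set(users)),  # grouped, cannot log in
        "in_no_group": sorted(set(users) - members),        # can log in, no group
    }

if __name__ == "__main__":
    for finding, names in audit(HTPASSWD, AUTHUSER).items():
        print(finding, names)
```

Accounts reported under in_no_group still pass Apache authentication, so they are worth reviewing even though no AuthUser group grants them page access.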
