Welcome, Registration, and other StartingPoints; TWiki history & Wiki style; All the docs...
View   r16  >  r15  ...
TWikiUserAuthentication 16 - 14 Apr 2003 - Main.PeterThoeny
Line: 1 to 1
 

TWiki User Authentication

Line: 11 to 11
 

Authentication Options

Changed:
<
<
No special installation steps are required if the server is already authenticated. If it isn't, you have three standard options for controlling user access:
  1. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the TWikiGuest default identity, so you can't track individual user activity.
  2. Use SSL (Secure Sockets Layer; HTTPS) to authenticate and secure the whole server.
  3. Use Basic Authentication (.htaccess) to control access by protecting key scripts: attach, edit=, installpasswd, preview, rename, save, upload using the .htaccess file. The TWikiInstallationGuide has step-by-step instructions.
>
>
No special installation steps are required if the server is already authenticated. If it isn't, you have these options for controlling user access:
  1. No login at all: Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the TWikiGuest default identity, so you can't track individual user activity.
    • How: Default, no web server configuration necessary
  2. No login to view; require login to edit: Keeping track of who changed what and when, while keeping view access unrestricted is desirable in most TWiki deployments. This option is not suitable if you need TWikiAccessControl for view restricted content since TWiki does not know who a user is when looking at content.
    • How: Use Basic Authentication (.htaccess) to control access by protecting key scripts: attach, edit, installpasswd, manage, preview, rename, save, upload using the .htaccess file. The TWikiInstallationGuide has step-by-step instructions.
  3. No login to view unless necessary; require login to edit: You prefer not to bother the user with login for unrestricted content, but you need TWikiAccessControl for view restricted content. There are two ways to accomplish this:
    • How 1: Use Basic Authentication with Partial Authentication (described below)
    • How 2: Use one of the Session TWiki:Plugins where you give the user the option to login and logout.
  4. Require login to view and edit: Most restrictive, but TWiki knows who the user is at all times. There are two ways to accomplish this:
    • How 1: Use Basic Authentication to authenticate the whole twiki/bin directory. Consult your web server documentation.
    • How 1: Use SSL (Secure Sockets Layer; HTTPS) to authenticate and secure the whole server. Consult your web server documentation.
 

Partial Authentication


Revision 16r16 - 14 Apr 2003 - 06:55:29 - PeterThoeny?
Revision 15r15 - 29 Dec 2002 - 02:04:30 - PeterThoeny?
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM