diff options
author | Peter Thoeny <web-hurd@gnu.org> | 2001-01-21 07:50:19 +0000 |
---|---|---|
committer | Peter Thoeny <web-hurd@gnu.org> | 2001-01-21 07:50:19 +0000 |
commit | 100f25e7ef709ed467db8a0ca75c5c3c849c5b39 (patch) | |
tree | edee7b507ce685e146c03034c5ad9bc69b523d08 /TWiki | |
parent | 25d923e444ac9749db86759ea4b303c0649dacc6 (diff) |
none
Diffstat (limited to 'TWiki')
-rw-r--r-- | TWiki/TWikiAccessControl.mdwn | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/TWiki/TWikiAccessControl.mdwn b/TWiki/TWikiAccessControl.mdwn index 63a0c2c6..d43da426 100644 --- a/TWiki/TWikiAccessControl.mdwn +++ b/TWiki/TWikiAccessControl.mdwn @@ -63,6 +63,13 @@ Define one or both of these variable in the %WEBPREFSTOPIC% topic: _Notes for read access restriction:_ +* Read access restriction only works if the view script is authenticated, that means that users need to log on also just to read topics. [TWiki Installation](TWikiDocumentation#installation) has more on basic authentication based on the `.htaccess` file. +* There is a workaround if you prefer to to have unrestricted access to view topics located in normal webs, and to authenticate users only for webs where view restriction is enabled: + * Leave the `view` script non authenticated in the `.htaccess` file. + * Enable the `$doRememberRemoteUser` flag in `wikicfg.pm` as described in [TWiki Authentication](TWikiDocumentation#authentication). %WIKITOOLNAME% will now remember the IP address of an authenticated user. + * Copy the `view` script to `viewauth` (or better, create a symbolic link) + * Enable authentication for the `viewauth` script in the `.htaccess` file. + * When a user accesses a web where you enabled view restriction, %WIKITOOLNAME% will redirect from the `view` script to the `viewauth` script once (this hapens only if the user has never edited a topic). Doing so will ask for authentication. The `viewauth` script shows the requested topic if the user could log on and if the user is authorized to see that web. * If you enable view restriction for a web, it is recommended to restrict search "all webs" from searching this web. Enable this restriction with the `NOSEARCHALL` variable in its [[WebPreferences]], like: * Set NOSEARCHALL = on * It is not recommended to restrict view access to individual topics since all content is searchable **_within_** a web. |