Difference: TWikiUserAuthentication (15 vs. 16)

Revision 1614 Apr 2003 - PeterThoeny

Line: 1 to 1
 

TWiki User Authentication

Line: 11 to 11
 

Authentication Options

Changed:
<
<
No special installation steps are required if the server is already authenticated. If it isn't, you have three standard options for controlling user access:
  1. Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the TWikiGuest default identity, so you can't track individual user activity.
  2. Use SSL (Secure Sockets Layer; HTTPS) to authenticate and secure the whole server.
  3. Use Basic Authentication (.htaccess) to control access by protecting key scripts: attach, edit=, installpasswd, preview, rename, save, upload using the .htaccess file. The TWikiInstallationGuide has step-by-step instructions.
>
>
No special installation steps are required if the server is already authenticated. If it isn't, you have these options for controlling user access:
  1. No login at all: Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the TWikiGuest default identity, so you can't track individual user activity.
    • How: Default, no web server configuration necessary
  2. No login to view; require login to edit: Keeping track of who changed what and when, while keeping view access unrestricted is desirable in most TWiki deployments. This option is not suitable if you need TWikiAccessControl for view restricted content since TWiki does not know who a user is when looking at content.
    • How: Use Basic Authentication (.htaccess) to control access by protecting key scripts: attach, edit, installpasswd, manage, preview, rename, save, upload using the .htaccess file. The TWikiInstallationGuide has step-by-step instructions.
  3. No login to view unless necessary; require login to edit: You prefer not to bother the user with login for unrestricted content, but you need TWikiAccessControl for view restricted content. There are two ways to accomplish this:
    • How 1: Use Basic Authentication with Partial Authentication (described below)
    • How 2: Use one of the Session TWiki:Plugins where you give the user the option to login and logout.
  4. Require login to view and edit: Most restrictive, but TWiki knows who the user is at all times. There are two ways to accomplish this:
    • How 1: Use Basic Authentication to authenticate the whole twiki/bin directory. Consult your web server documentation.
    • How 1: Use SSL (Secure Sockets Layer; HTTPS) to authenticate and secure the whole server. Consult your web server documentation.
 

Partial Authentication

 
This site is powered by the TWiki collaboration platformCopyright � by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.TWikiUserAuthentication