Hello,
We continue to do our homeworks concerning a project we have to build a wiki
for our enterprise: 80 000 employees, but only 1000 of them could have
access to the wiki: usually in read, some people in read/write. We will need
per namespace security: some namespaces should not be read by some groups
We dont want to go with many tons of wikis installation
I wrote a post on another mailing list about it a couple of days ago:
http://www.gossamer-threads.com/lists/wiki/mediawiki/381274
I had some very good and helpful comments, but its after that I found
another mailing list (this one), which seems dedicated to the enterprise
usage of Mediaiwki.
Here are the requierement we have:
Main page
- NamespaceA (read for departmentA only)
- NamespaceB (read for departmentB only)
-
.
- NamespaceZ (read for departmentZ)
Sometimes, someone of departmentA will need read access to NamespaceZ, etc
I would like to have some testimonials: your experiences, your
recommendations
on a specific aspect of Mediawiki: ACL !!! (recurring
topic, I believe
).
I read
http://blog.blue-spice.org/2012/10/23/mediawiki-vs-confluence-not-a-question
-of-features/ and found that they use Lockdown and some other extensions
around it, to secure the wiki
As everyone, I read
http://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions
and
http://www.mediawiki.org/wiki/Category:Page_specific_user_rights_extensions
So, I wrote to BlueSpice team to know if they believe that Lockdown is
really secure to write sensitive data in a Mediawiki wiki. Answer was
honest: no (as expected).
I wrote also to the guy who founded Intelpedia (Josh Bancroft) and he
confirms that Mediawiki is the wrong tool to manage that kind of ACL and
that they use other tools for sensitive data, not their wiki
I didnt
insist to know which other tool
I was impressed that a guy at this level
take the time to answer me, so
J
Anyway, could you tell me what is the kind of setup you have on this side
(ACL) ? Certainly that some of you use in the facts an ACL extension
(Lockdown or others) ? Do you trust them ? Do you have implement some other
kind of security ? etc
Wikifarm ? etc
Sincerely, I believe I have read enough on the web about the subject
now, I
need some concrete experiences, from real persons, in real enterprises,
Voilà.
Thanks !
Pierre