Hello,
I read all the answers and I thank you all.
I finally do a test with the LockDown extension (
https://www.mediawiki.org/wiki/Extension:Lockdown ) on our Mediawiki 1.21.1 installation,
and it seems to work fine. Of course, I cannot say if it's really secure or if we will
have to implement some other extensions on top of it, but it seems to work as is...
Another question: do you use LockDown ? If it doesn't prevent to list a page when we
do a search, it prevent to display the page itself, which is OK for us. Is there other
limitations ?
What we can do:
1- create a page "FOO1:Procedure To do this" and give general informations on
it, accessible to all users... and on "FOO1:Procedure to do this" we put a link
to "FOO2:SecretPasswords"
2- if the user needs the passwords, he clicks on "FOO2:SecretPasswords". If he
has access to the FOO2 namespace (as defined in the LockDown parameters, in
LocalSettings), all is ok for him and he has access to the page. If he doesn't, then
he receives an access denied.
Make sens for you ?
Thanks again for all you comments !
(I sincerely hope that my English is clear enough :-) )
Pierre
-----Original Message-----
From: mediawiki-l-bounces(a)lists.wikimedia.org
[mailto:mediawiki-l-bounces@lists.wikimedia.org] On Behalf Of Arcane 21
Sent: Friday, August 09, 2013 11:49 PM
To: mediawiki-l(a)lists.wikimedia.org
Subject: Re: [MediaWiki-l] Mediawiki as an Enterprise wiki
I'm not sure how much help this is, but it should be possible to "section
off" certain levels of the wiki for certain user groups (you could possibly make a
"user group" for every individual user if you needed to)
What you would do, for sections with info so sensitive that only one or two people should
have access is simply to restrict everything, even the ability to read the page (including
the page source) in any way, to just those user groups you specify. This would effectively
secure that information to just those parties alone, though this would require manually
toggling settings for each user group, which would be extremely tedious yet doable.
That security hassle aside, MediaWiki is probably the best option you have for handling
such a large amount of content, and while I'm no expert on wiki security, it is
probably the most well featured wiki when it comes to additional security options and
extensions you can install and configure, and I would highly recommend using it.
In fact, I found an extension that should serve your security needs well in blocking even
page sources from being viewable (for your needs, this would be essential)
https://www.mediawiki.org/wiki/Extension:ProtectSource
You also want this extension, just to close loopholes in the above extension, such as the
Special:Import/Export special pages:
https://www.mediawiki.org/wiki/Extension:DisableSpecialPages
I'm not sure what else you need at the moment, but you should check out all the page
permission and security extensions on
MediaWiki.org, not to mention all the page
permission documentation available to determine how feasible the level of security you
desire is:
https://www.mediawiki.org/wiki/Permissions
Hope that helps.
From: pierre.labrecque(a)live.ca
To: mediawiki-l(a)lists.wikimedia.org
Date: Fri, 9 Aug 2013 23:10:05 -0400
Subject: [MediaWiki-l] Mediawiki as an Enterprise wiki
Hello,
(sorry for my poor English.)
This is probably a recurring question.
I work for an IT company of around 80 000 employees and we would like
to build an enterprise wiki, where we will put all our technical
documentation (how to, troubleshooting, scripting, etc.).
80 000 employees, but this wiki will be for 1000 of them. It may
generate a minimum of 200 000/300 000 pages + images + etc.
You have to know that in some of our documentation, we have usernames
and passwords, or maybe firewall configuration, etc. for different customers.
Of course, I know that Mediawiki cannot provide a per page/category
security (at a read level): my understanding is that Mediawiki is
"Read all pages" or "Access denied to all pages". nothing in between.
So we cannot restrict view of some documents to a specific group.
Fine.
So let's say that it's not a problem and that all our technicians will
be able to read all the technical documents, of all our customers.
Someone told me that we just don't have to put some confidential
informations in our wiki documents (no user/password/confidential
config/etc.).
Fine. But where ? If we don't put them in the wiki pages, it means
that the users will have to go in the wiki for the basic informations,
then go on another tool to have the confidential info.
Now, my question: how do you manage this ?
I really love Mediawiki and would like to implement it in our
business, but I haven't enough information on how this can be
implemented in the reality of a business.
And no: no budget to buy something like Confluence.
I have try Dokuwiki, XWiki, Tiki, MoinMoin, many others. I love
Dokuwiki too, but wasn't sure enough it was a strong tool to be able
to manage that amount of pages/images/. Anyway, I always come back to
MediaWiki. I don't know why.
Best regards,
Pierre
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l