We have an intranet wiki running 1.27 from tarball. I just installed the previous version of GoogleLogin (0.3.1, because automatic account creation works and it doesn't in 0.4). So you now need Google Login on one of our whitelisted GApps domains to read it, let alone edit it.
What we want is to make this available on the public Internet (SSL of course) so that workers in our international offices can use it, if they're logged into their work Google account.
This is pretty much the "hard shell, tasty soft centre" security model. Is this a desperately unsafe thing to do? Has anyone else done this or something like it?
(We could put basic auth in front of it as well, but this is for the sort of non-technical worker who this would desperately confuse. We probably can't lock it to given IP ranges either.)
- d.
On Wed, Feb 1, 2017 at 3:19 AM David Gerard <dgerard@gmail.com> wrote:
> This is pretty much the "hard shell, tasty soft centre" security model. Is this a desperately unsafe thing to do? Has anyone else done this or something like it?
We do this every single day at Wikimedia. Think of the private wikis--ones for Arbcom, Office, etc etc etc. They're internet-accessible but locked down to anonymous users.
Just deny read permissions to anons and, as long as you trust the login method (in your case, Google), you should be fine. You can also whitelist Main_Page to give people a warning and instructions to log in.
-Chad
mediawiki-l@lists.wikimedia.org
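The setup suggested in the reply above, written out as a LocalSettings.php fragment. This is an added example, not configuration posted in the thread; the `Special:GoogleLogin` page name and the img_auth.php upload path are assumptions to check against the installed extension version and web server layout.

```php
# LocalSettings.php fragment (added example, not from the thread).

# Anonymous visitors ('*') may neither read nor edit.
# Logged-in users keep the default rights of the 'user' group.
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['*']['edit'] = false;

# Pages that stay readable without a session. Keep this list short:
# everything on it is public. Put the "please log in with your work
# Google account" notice on the main page.
$wgWhitelistRead = [
    'Main Page',
    # Assumption: the special page the GoogleLogin extension uses to start
    # the login flow. Confirm the name on Special:SpecialPages.
    'Special:GoogleLogin',
];

# The read restriction covers wiki pages, not files the web server hands
# out directly from the images/ directory. To apply the same check to
# uploads, route them through img_auth.php and block direct access to
# the upload directory in the web server configuration.
$wgUploadPath = "$wgScriptPath/img_auth.php";
```

After deploying, request an ordinary article, the API (`api.php?action=query&list=allpages`) and a known upload URL from a browser with no session; all three should be refused, and only the whitelisted pages should render.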