The option we have used here at Gartner is to leave the sensitive information on files on file servers. We then add links in wiki articles directly to the files and only people with access to those file servers can click on the link.

Your situation may vary, but we have found that only a small percentage of info actually requires access control.

The risk with trying to add access control into the wiki itself is that you add an extra layer of complexity that can really put people off contributing.

The disadvantage is of course that the info in the file server is not edited collaboratively using a wiki, but we have found this no big deal (because there is not much of it).

You also need to configure the mediawiki software a little: * edit OutputPage.php in the wiki directory (in Mediawiki 1.1 or wiki/includes/Parser.php in 1.2 or 1.3) ** enable links to external files by adding in the following line after the other ReplaceExternalLinks lines *** $text = $this->subReplaceExternalLinks( $text, "file", false );

You can then add links to external files using this syntax: * [file://servername/sharename/path/file%20name.ext alternate text]

Back slashes don't seem to work and the path and filename cannot contain spaces (hence the %20).

Michael Richards

-----Original Message----- From: mediawiki-l-bounces@Wikimedia.org [mailto:mediawiki-l-bounces@Wikimedia.org]On Behalf Of Jean-Christian Imbeault Sent: Thursday, August 12, 2004 12:50 AM To: MediaWiki announcements and site admin list Subject: [Mediawiki-l] Access control feature

I am in need of ACL (access control) for mediawiki. I've looked through the docs and mailing list and it seems that mediawiki doesn't have that feature. Am I correct?

If I were to try and implement that feature how hard would it be? Would it be easy to plug in to the current architecture or is this feature something so foreign to mediawiki that integrating it would require a lot of effort?

Oh, and I do realize that ACLs go against the spirit of a wiki. It's just that we would like to use mediawiki internally but some information must not be viewed by certain employees (legal reasons, NDAs, etc ...)

Thanks,