"Steve" wrote:
- I have a wiki and in this wiki some of the pages can be viewed without
login in and the rest you need to be logged in. Now say that I want to have a link from my other website into my wiki's password protected section. Is there a way that I could authenticate myself without using the wiki's login page, -say maybe pass the credentials in the header? Any other suggestions?
Steve
If they are being available from outside, you should de-protect it. You can always keep secret the url to that un-protected page. There're ways you could chwck it, like using auth in url or checking the referer, but they're all vulnerable, so you should decide: make it secret or not. Alternatively, you could make the other website secret too and sharing the credentials.