On 9/2/06, Stephen Warren <swarren(a)wwwdotorg.org> wrote:
gmu 2k6 wrote:
On
02/09/06, gmu 2k6 <gmu2006(a)gmail.com> wrote:
> I'm running a wiki at work and a coworker asked me to require login
> for any article editing so that he can see who created/modified the
> article. my point is that the barrier to surf-by-editing is too high with
> logins required. then he said that people can use Cookies to be
> logged in always.
what can I do with a vanilla 1.7.1 release using Apache? mod_krb? mod_auth_pam?
authenticating against a Windows 2003 domain from within a linux Apache might
be possible. any configuration howtos?
mod_auth_ldap (or mod_auth_pam etc. I suppose) and the environment
authentication hook into MediaWiki.
http://meta.wikimedia.org/wiki/User:Otheus/Auto_Login_via_REMOTE_USER
Works great for us, and it's almost completely transparent (given that
users authenticate to the web server for many things, and the Wiki is
just one of them, and Apache is configured with the same authentication
"realm" for all of them (but with different "require group" like
options
for the different apps exposed)).
50% of the password issue is that if you require passwords for editing articles
by anyone then you should also put it behind https:// and this would require
a properly signed certificate. *sigh* now I remember why I just said
let everyone
edit damnit.
the point is if I do remote password checking than these passwords will be for
real user accounts in LDAP/Active Directory and these should not be transferred
as is.
thanks for the help, I'll have to think about it...