httpauth: Add cgiauthurl setting that can be used to do http basic auth only when ikiwiki needs authentication, rather than for any access to the cgi/wiki.
Joey Hess
parent
7dc357a6db
commit
92a6f2e5e8
|
|
@ -17,6 +17,13 @@ sub getsetup () {
|
|||
safe => 1,
|
||||
rebuild => 0,
|
||||
},
|
||||
cgiauthurl => {
|
||||
type => "string",
|
||||
example => "ttp://example.com/wiki/auth/ikiwiki.cgi",
|
||||
description => "url to redirect to when authentication is needed",
|
||||
safe => 1,
|
||||
rebuild => 0,
|
||||
},
|
||||
}
|
||||
|
||||
sub auth ($$) {
|
||||
|
|
@ -26,6 +33,10 @@ sub auth ($$) {
|
|||
if (defined $cgi->remote_user()) {
|
||||
$session->param("name", $cgi->remote_user());
|
||||
}
|
||||
elsif (defined $config{cgiauthurl}) {
|
||||
IkiWiki::redirect($cgi, $config{cgiauthurl}.'?'.$cgi->query_string());
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
1
|
||||
|
|
|
|||
|
|
@ -10,6 +10,9 @@ ikiwiki (3.20091032) UNRELEASED; urgency=low
|
|||
or sidebar.
|
||||
* localstyle: New plugin, allows overrding the toplevel local.css
|
||||
with one that is closer to a page.
|
||||
* httpauth: Add cgiauthurl setting that can be used to do http basic auth
|
||||
only when ikiwiki needs authentication, rather than for any access to
|
||||
the cgi/wiki.
|
||||
|
||||
-- Joey Hess <joeyh@debian.org> Fri, 06 Nov 2009 12:04:29 -0500
|
||||
|
||||
|
|
|
|||
|
|
@ -2,8 +2,24 @@
|
|||
[[!tag type/auth]]
|
||||
|
||||
This plugin allows HTTP basic authentication to be used to log into the
|
||||
wiki. To use the plugin, your web server should be set up to perform HTTP
|
||||
basic authentiation for at least the directory containing `ikiwiki.cgi`.
|
||||
The authenticated user will be automatically signed into the wiki.
|
||||
wiki.
|
||||
|
||||
This plugin is included in ikiwiki, but is not enabled by default.
|
||||
## fully authenticated wiki
|
||||
|
||||
One way to use the plugin is to configure your web server to require
|
||||
HTTP basic authentication for any access to the directory containing the
|
||||
wiki (and `ikiwiki.cgi`). The authenticated user will be automatically
|
||||
signed into the wiki. This method is suitable only for private wikis.
|
||||
|
||||
## separate cgiauthurl
|
||||
|
||||
To use httpauth for a wiki where the content is public, and where
|
||||
the `ikiwiki.cgi` needs to be usable without authentication (for searching
|
||||
and so on), you can configure a separate url that is used for
|
||||
authentication, via the `cgiauthurl` option in the setup file. This
|
||||
url will then be redirected to whenever authentication is needed.
|
||||
|
||||
A typical setup is to make an `auth` subdirectory, and symlink `ikiwiki.cgi`
|
||||
into it. Then configure the web server to require authentication only for
|
||||
access to the `auth` subdirectory. Then `cgiauthurl` is pointed at this
|
||||
symlink.
|
||||
|
|
|
|||
Loading…
Reference in New Issue