X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/046095552ac231366d71a3c7a84bdc6d46662212..8480cdc48cf4c009437013ded29942e0147a457a:/doc/plugins/httpauth.mdwn diff --git a/doc/plugins/httpauth.mdwn b/doc/plugins/httpauth.mdwn index a7aac558b..b2f789b8e 100644 --- a/doc/plugins/httpauth.mdwn +++ b/doc/plugins/httpauth.mdwn @@ -2,7 +2,9 @@ [[!tag type/auth]] This plugin allows HTTP basic authentication to be used to log into the -wiki. +wiki. In this mode, the web browser authenticates the user by some means, +and sets the `REMOTE_USER CGI` environment variable. This plugin trusts +that if that variable is set, the user is authenticated. ## fully authenticated wiki @@ -24,3 +26,21 @@ A typical setup is to make an `auth` subdirectory, and symlink `ikiwiki.cgi` into it. Then configure the web server to require authentication only for access to the `auth` subdirectory. Then `cgiauthurl` is pointed at this symlink. + +## using only httpauth for some pages + +If you want to only use httpauth for editing some pages, while allowing +other authentication methods to be used for other pages, you can +configure `httpauth_pagespec` in the setup file. This makes Edit +links on pages that match the [[ikiwiki/PageSpec]] automatically use +the `cgiauthurl`, and prevents matching pages from being edited by +users authentication via other methods. + +## Using httpauth with nginx + +You have to pass the $remote_user variable to the CGI: + + location /ikiwiki.cgi { + fastcgi_param REMOTE_USER $remote_user if_not_empty; + .... + }