Changeset 755 for trunk/core/data/TWiki/AccessControl.txt
- Timestamp:
- 11/17/08 01:10:39 (4 years ago)
- File:
-
- 1 edited
-
trunk/core/data/TWiki/AccessControl.txt (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/core/data/TWiki/AccessControl.txt
r733 r755 217 217 Use the following setup to authenticate users for topic viewing in all webs and to restrict access to selected webs. Requires UserAuthentication to be enabled. 218 218 219 1. Set =require valid-user= on your =view= script in .htaccess or the appropriate Apache .conf file. As of 4.x, this looks like: =FilesMatch "(attach|edit|manage|rename|save|view|upload|mail|logon|.*auth).*"= (normally =view= is not in that list). 219 1 The simple way is to add this to =%WEBPREFSTOPIC%= in all webs. 220 * ==Set <nop>DENYWEBVIEW = WikiGuest== 220 221 1. *Restrict* view access to selected Users and Groups. Set one or both of these settings in its %WEBPREFSTOPIC% topic: 221 * ==Set <nop>DENYWEBVIEW = < list of Users and Groups >==222 222 * ==Set <nop>ALLOWWEBVIEW = < list of Users and Groups >== 223 223 * __Note:__ =DENYWEBVIEW= is evaluated before =ALLOWWEBVIEW=. Access is denied if the authenticated person is in the =DENYWEBVIEW= list, or not in the =ALLOWWEBVIEW= list. Access is granted if =DENYWEBVIEW= and =ALLOWWEBVIEW= are not defined. 224 1. If you still want public users to be able to register automatically follow TWiki:TWiki.RegisterOnViewRestrictedSite. 224 225 In rare cases it may be required to authenticate the view script. This can in some cases have a dramatic performance hit because the webserver must re-authenticate for every page view. 226 227 1. Set =require valid-user= on your =view= script in .htaccess or the appropriate Apache .conf file. This looks like: =FilesMatch "(attach|edit|manage|rename|save|view|upload|mail|logon|.*auth).*"= (normally =view= is not in that list). 225 228 226 229 ---+++ Authenticate and Restrict Selected Webs Only
Note: See TracChangeset
for help on using the changeset viewer.
