alternate suggestion

author http://www.cse.unsw.edu.au/~willu/ <http://www.cse.unsw.edu.au/~willu/@web>

Wed, 30 Jul 2008 03:39:15 +0000 (23:39 -0400)

committer Joey Hess <joey@kitenet.net>

Wed, 30 Jul 2008 03:39:15 +0000 (23:39 -0400)
author http://www.cse.unsw.edu.au/~willu/ <http://www.cse.unsw.edu.au/~willu/@web>
Wed, 30 Jul 2008 03:39:15 +0000 (23:39 -0400)
committer Joey Hess <joey@kitenet.net>
Wed, 30 Jul 2008 03:39:15 +0000 (23:39 -0400)
diff --git a/doc/plugins/contrib/unixauth/discussion.mdwn b/doc/plugins/contrib/unixauth/discussion.mdwn

index 7bfdc9665448b89a385685edc502c8882031dbc3..91c59ff1d0bafc5b070bde01ab9c201e8b6849ab 100644 (file)
--- a/doc/plugins/contrib/unixauth/discussion.mdwn
+++ b/doc/plugins/contrib/unixauth/discussion.mdwn
@@ -18,3 +18,5 @@ So I don't think I'll be accepting this plugin into ikiwiki itself..
  
  Thanks for the comments. That's definitely an undesirable interaction between pwauth and ikiwiki; in my current application it wouldn't be a serious problem, but I'd like this plugin to be general-purpose and safe enough for inclusion in ikiwiki. It's the system-users-are-wiki-users idea I'm married to here, not pwauth itself; can you suggest another approach I might take?
  -- [[schmonz]]
+
+> Have you considered using [[plugins/httpauth]] and then the appropriate apache module?  There are apache modules like [mod_authnz_external](http://unixpapa.com/mod_auth_external.html) that might help.  The advantage of these solutions is that they usually make the security implications explicit.  -- Will
author	http://www.cse.unsw.edu.au/~willu/ <http://www.cse.unsw.edu.au/~willu/@web>
	Wed, 30 Jul 2008 03:39:15 +0000 (23:39 -0400)
committer	Joey Hess <joey@kitenet.net>
	Wed, 30 Jul 2008 03:39:15 +0000 (23:39 -0400)