[pmwiki-users] Easy .htaccess authentication setup?

[Stirling Westrup]

Alan Hoyle wrote:
> On 6/22/06, Ian Barton <lists at manor-farm.org> wrote:
>>> I've been playing with PmWiki a little bit.  It's pretty easy to set
>>> up a .htaccess file that would restrict any access to the Wiki, but
>>> I'm wondering if there's an easy way to set it up so it would be
>>> readable to anyone, but editing would require authentication.  In
>>> particular, we use Kerberos (or an LDAP-Kerberos gateway) for general
>>> authentication, and I'm wondering if it would be possible to set it up
>>> to use that.
>> If you change .htaccess to be owned and writeable by the webserver, you
>> can then construct a separate page that requires authentication that can
>> read and write htaccess.
>>
>> However, you might want to consider if making hatccess writeable by the
>> web server creates any security problems.
> 
> Perhaps my original query was unclear.
> 
> I want to have a Wiki that is readable by unauthenticated users, but
> the only people that can edit it will be authenticated by an external
> authentication method.  (
> 
> Right now, I can use a .htaccess file to create something that
> requires Apache authentication (using our kerberos infrastructure) for
> everything, but I can't set it up for unauthenticated reading.
>

PmWiki supports external authentication methods, as I've seen several
folks on this list with similar needs get a setup that works for them.
To my knowledge, none of them rely upon .htaccess.

That said, I don't know how its done, since that has never been one of
my needs for PmWiki.