Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

allowing pass-through for read-only via proxy

Markus Schuh markus.schuh at sdm.de
Wed Oct 17 15:32:13 PDT 2007


Hi John,

On 10/17/2007 2:50 PM, John DeStefano wrote:
> 
> On 10/16/07, Markus Schuh <markus.schuh at sdm.de> wrote:
> > TWiki's ApacheConfigGenerator may help you further, see
> >   http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator
> 
> Yes; thanks!  I've used that Generator before, and it does a good job.
>  Unfortunately, it doesn't include a "Use WebAuth authentication"
> option. ;)

I don't think WebAuth authentication makes the twiki setup more complex.
The translation of the setup to reverse proxy configuration is the hard
part. (Directory & FilesMatch to LocationMatch, ...)

What I really wanted to say:

Use the generated information for further hints.

In your setup everything under /twiki/bin except /twiki/bin/view
requires a valid user authentication.

In the generated setup only
  attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth
inside /twiki/bin require a valid user.

So you should check your proxy logs. I assume when you access your twiki
in "view only" mode, some other /twiki/ paths are used.

At least /twiki/pub has to be excluded from authentication, too, if you
want to access twiki without authentication. (for JavaScript, CSS and
Images)

And I would at least try to allow anonymous access additionally to

  viewfile
  oops

Some other candidates for anonymous access

changes
rdiff
search
statistics

-- 
Markus




More information about the webauth-info mailing list