<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>httpauth</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <link rel="stylesheet" href="../style.css" type="text/css" /> <link rel="stylesheet" href="../local.css" type="text/css" /> </head> <body> <div class="page"> <div class="pageheader"> <div class="header"> <span> <span class="parentlinks"> <a href="../index.html">ikiwiki</a>/ <a href="../plugins.html">plugins</a>/ </span> <span class="title"> httpauth </span> </span> </div> </div> <div id="pagebody"> <div id="content" role="main"> <p><span class="infobox"> Plugin: httpauth<br /> Author: Alec Berryman<br /> Included in ikiwiki: yes<br /> Enabled by default: no<br /> Included in <a href="./goodstuff.html">goodstuff</a>: no<br /> Currently enabled: no<br /> </span></p> <p>This plugin allows HTTP basic authentication to be used to log into the wiki. In this mode, the web browser authenticates the user by some means, and sets the <code>REMOTE_USER CGI</code> environment variable. This plugin trusts that if that variable is set, the user is authenticated.</p> <h2>fully authenticated wiki</h2> <p>One way to use the plugin is to configure your web server to require HTTP basic authentication for any access to the directory containing the wiki (and <code>ikiwiki.cgi</code>). The authenticated user will be automatically signed into the wiki. This method is suitable only for private wikis.</p> <h2>separate cgiauthurl</h2> <p>To use httpauth for a wiki where the content is public, and where the <code>ikiwiki.cgi</code> needs to be usable without authentication (for searching, or logging in using other methods, and so on), you can configure a separate url that is used for authentication, via the <code>cgiauthurl</code> option in the setup file. This url will then be redirected to when a user chooses to log in using httpauth.</p> <p>A typical setup is to make an <code>auth</code> subdirectory, and symlink <code>ikiwiki.cgi</code> into it. Then configure the web server to require authentication only for access to the <code>auth</code> subdirectory. Then <code>cgiauthurl</code> is pointed at this symlink.</p> <h2>using only httpauth for some pages</h2> <p>If you want to only use httpauth for editing some pages, while allowing other authentication methods to be used for other pages, you can configure <code>httpauth_pagespec</code> in the setup file. This makes Edit links on pages that match the <a href="../ikiwiki/pagespec.html">PageSpec</a> automatically use the <code>cgiauthurl</code>, and prevents matching pages from being edited by users authentication via other methods.</p> <h2>Using httpauth with nginx</h2> <p>You have to pass the $remote_user variable to the CGI:</p> <pre><code>location /ikiwiki.cgi { fastcgi_param REMOTE_USER $remote_user if_not_empty; .... } </code></pre> </div> </div> <div id="footer" class="pagefooter" role="contentinfo"> <div id="pageinfo"> <div class="tags"> Tags: <a href="./type/auth.html" rel="tag">type/auth</a> </div> <div id="backlinks"> Links: <a href="./passwordauth.html">passwordauth</a> </div> <div class="pagedate"> Last edited <span class="date">Tue Feb 26 23:01:54 2019</span> <!-- Created <span class="date">Tue Feb 26 23:01:54 2019</span> --> </div> </div> <!-- from ikiwiki --> </div> </div> </body> </html>