ThoughtsOnAccessControl

User-based authentication

AuthUser

Pm, please complete ... thank you.

UserAuth

What is this? How is it different than AuthUser?

Password-based authentication

Pm, please comment ....

Why is this easier to maintain for administrators? At a glance, it seems AuthUser is easier for authors?

Answer: With accounts you should create one account per user accessing the site, then organize them in groups, give the groups permissions and so on. If you have lots of editors then of course this is more work than simply sending an email with a password in it. The drawback is that if one of the users starts misbehaving you must redistribute new passwords to everybody rather than simply disabling one account.

Of course it is possible to emulate a passwords-based approach with a user approach by everybody using the same account, but why distribute two tokens (the username everybody uses and the password everybody uses) when one will suffice? If you only have people share user accounts, the two are logically equivalent so of course...

Drawbacks

Pm, please comment ...

It is difficult to remember all the commands for a "passwords"-based system, e.g. clear, @lock, @nopass, ?add=attr; it adds headache.

(mgb) The way PmWiki is currently set up (for example, using AuthUser), it is painful to administer access control either with user accounts or with passwords only. That's because users can't easily maintain their own account/passwords. The administrator basically has to do everything. If a user loses a password or wants to change it, the administrator has to take care of it. It would be nice to have a true user account management system built in (perhaps another cookbook?), and for the wiki to use this method to this if a flag is turned on.

Advantages

Pm, please comment ....

Things Visitors Wish For

This page may have a more recent version on pmwiki.org: PmWiki:ThoughtsOnAccessControl, and a talk page: PmWiki:ThoughtsOnAccessControl-Talk.