views:

19

answers:

1

I want to set up an internal foswiki to which only authorized users have access to and can view/edit the contents. One way of doing this is to modify the .htaccess file for the folder and generate as many as authorized users. But that is not very secure, so I don't want to use it

Is there any way to do this in Foswiki.

+1  A: 

the best way is to use configure to set all the scripts to require login.

you need to hit 'yes i've read all the docco' button at the top, and then expand the Security section

in there is a setting called {AuthScripts}. any cgi script listed there will require authentication first - so list all of them.

alternatively, you can restrict access to a web or topic using the ACL settings - see http://foswiki.org/System/AccessControl

Sven Foswiki developer and consultant :)

SvenDowideit
Why isn't it enough to require auth for the view mode? That should also prevent any actions like edit/attach/etc., right?
torbengb