Tags:
extract_idea1Add my vote for this tag create new tag
, view all tags

'Access Denied' or 'Please Log In'

Motivation

Setting DENYTOPICVIEW to exclude the guest account produces an Oops screen with 'access enied'. This is usually OK.

However there are some situations where saying "Please Log In" would make more sense, or the authentication screen, whatever it may be, is presented.

As far as I can see, it is only when an unathenticated (i.e. ientity is TWikiGuest) user tries to edit does the authentication mechanism, usually Apache's basic authentication with the baselline distribution, get invoked.

I'd like to be able to to treat access attempts by TWikiGuest as "please log in" and access violations by logged in users not in the ACL for that topic or web as "access denied".

Details should be added to the documentation on access control

I'm runnning a site exposed to the Internet. Each web is a special interest area. The home page carries a welcome/overview, but to post to that web and visit many of the topics will require being registered and being in the group for that web. I imagine this is not an unusual situation and someting similar might apply in corporate wikis as well where ther are various webs for different departments. Certainly in network level access control keeping 'engineering' and 'payroll' networks and servers seperate is common practice.

-- AntonAylward - 18 Jun 2005


Discussion:

Topic revision: r1 - 2005-06-18 - AntonAylward
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.