|
Formatting |
Integrating PmWiki into UW NetID AuthenticationIn order to post information that must be restricted to the iSchool as a whole, the settings for this wiki have been customized somewhat to allow for a secure area that requires UW NetID membership as an iSchool student to view content. This was done via Apache's configuration override procedures using a .htaccess file, as follows:
# Turn on Apache's mod_rewrite and set to the wiki path
RewriteEngine on
RewriteBase /infomgmt/wiki
##### NetID authentication required to edit pages #####
RewriteCond %{QUERY_STRING} action=edit [OR]
RewriteCond %{REQUEST_URI} ^/infomgmt/wiki/Restricted*
RewriteRule ^([A-Z0-9\xa0-\xff].*)$ indexauth.php?n=$1 [QSA,L]
<Files indexauth.php>
AuthType UWNetID
require group uw_ischool_students_all
</Files>
##### Clean URL settings #####
# Send requests without parameters to pmwiki.php.
RewriteRule ^$ pmwiki.php [L]
# Send requests for index.php to pmwiki.php.
RewriteRule ^index\.php$ pmwiki.php [L]
# Send requests to pmwiki.php, appending the query string part.
RewriteCond %{QUERY_STRING} !action=edit
RewriteRule ^([A-Z0-9\xa0-\xff].*)$ pmwiki.php?n=$1 [QSA,L]
The .htaccess file essentially forces all requests for any wiki page starting with "Restricted/" to go through NetID authentication. Further, it restricts access to only iSchool students - ideally, we would narrow this to only provide MSIM students access, but this restriction is sufficient to satisfy the privacy requirements for data in this section. It also provides for forcing any wiki edits to be done only by valid UW NetID holders. We also force page authors to always reflect the currently logged in UW NetID by placing the following code in /wiki/local/config.php:
// If no $Author is set, set it to the authenticated user name.
// Courtesy: http://staff.washington.edu/oren/weblog2/archives/2006/02/using_pmwiki_wi_1.html
if ($action == 'edit') {
if (@$_SERVER['REMOTE_USER']) {
$Author=@$_SERVER['REMOTE_USER'];
setcookie('author',$Author,0,'/');
}
}
|