Authentication/Session Library

This could hook into either LDAP or PAM to use system credentials. If we do this, requiring HTTPS for login would be essential. (* This now does a lookup in LDAP to authenticate people -Art)

Where should lists of who can do what be stored? LDAP? http://uk2.php.net/manual/en/function.ldap-bind.php (* It fetches the list of the user's groups to be used for access levels -Art)

It might be nice to allow presentation of credentials through HTTP basic auth. This would allow creation of limited-access RSS feeds, for example. PEAR has Auth_HTTP for this. (basic mode auth generally sucks, so this could be a special feature of the RSS component -Art)

Things that need protecting, and the levels of access which might be required:

  • Posting front-page announcements
  • Member details: browse, add/edit, editing your own details?
  • Library: browse, loan, edit
  • Bananas: browse, award
  • Blogs: posting to your own blog, adding comments ...
  • GuestNet?: adding your own MAC, ...
  • Managing permissions?
  • Forum: browse, post, moderate, admin
  • WebMail?
  • Wiki
  • Projects - svn, trac...
  • Links: adding, approving
  • Calendar/Diary
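
A sketch of the LDAP bind and group lookup discussed in the notes above, added here as an example; it is not the library's actual code. The server URI, base DNs, the posixGroup/memberUid schema, the group names and the access-level strings are all assumptions.

```php
<?php
// Added illustration. Host, DNs, schema and group names below are assumptions.
const LDAP_URI  = 'ldap://ldap.example.org';
const PEOPLE_DN = 'ou=People,dc=example,dc=org';
const GROUPS_DN = 'ou=Group,dc=example,dc=org';

// Hypothetical mapping from LDAP group to access levels from the list above.
// A group that is not listed here grants nothing (deny by default).
const GROUP_ACCESS = [
    'members'   => ['library:browse', 'forum:browse', 'forum:post'],
    'librarian' => ['library:loan', 'library:edit'],
    'exec'      => ['announcements:post', 'bananas:award', 'links:approve'],
];

// True only when the login request itself arrived over HTTPS.
function request_is_https(): bool
{
    return !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
}

// Returns ['user' => ..., 'access' => [...]] on success, null on any failure.
function ldap_login(string $user, string $password): ?array
{
    // ldap_bind() with an empty password is an unauthenticated bind that many
    // servers accept, so reject it (and odd usernames) before touching LDAP.
    if ($password === '' || !preg_match('/^[a-z][a-z0-9_-]{0,31}$/', $user)) {
        return null;
    }
    $conn = ldap_connect(LDAP_URI);
    if ($conn === false) return null;
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    if (!@ldap_start_tls($conn)) return null;   // encrypt the web-to-LDAP hop too

    // Bind as the user: the directory checks the password, not this code.
    $dn = 'uid=' . ldap_escape($user, '', LDAP_ESCAPE_DN) . ',' . PEOPLE_DN;
    if (!@ldap_bind($conn, $dn, $password)) return null;

    $filter  = '(&(objectClass=posixGroup)(memberUid='
             . ldap_escape($user, '', LDAP_ESCAPE_FILTER) . '))';
    $result  = @ldap_search($conn, GROUPS_DN, $filter, ['cn']);
    $entries = $result ? ldap_get_entries($conn, $result) : ['count' => 0];
    ldap_unbind($conn);

    $access = [];
    for ($i = 0; $i < $entries['count']; $i++) {
        $access = array_merge($access, GROUP_ACCESS[$entries[$i]['cn'][0]] ?? []);
    }
    return ['user' => $user, 'access' => array_values(array_unique($access))];
}
```

A login handler would call `request_is_https()` first and refuse the form otherwise, then call `session_regenerate_id(true)` after a successful `ldap_login()` before storing the returned access list in the session.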