- Check my extensions
- PHP: fopen() does not seem to work quite well with PHP 4.3.3 on Win32 (failed to open stream: no suitable wrapper could be found). Use 4.3.10 instead.
- Enabling sub-pages: Subpage Feature
- Namespaces: Namespace, Custom namespaces
- CSS: FloatTutorial, Learn CSS
I had the feeling the <LocationMatch> directive would provide a way to protect a sub-section of a MediaWiki. For example, the following code requires a valid authenticated user to access any page matching the (.*)[kK]wGrid.?Private(.*) regexp.
<LocationMatch "(.*)[kK]wGrid.?Private(.*)"> AuthName "kwGrid private section" AuthType Basic AuthUserFile /projects/KitwareWeb/restricted_accesses/wiki/kwGrid/passwd require valid-user </LocationMatch>
The above code triggers a password-based authentication for any page matching the kwGrid:Private prefix, thus restricting access to a virtual sub-section or sub-directory under kwGrid:Private. For example, http://public.kitware.com/Wiki/KwGrid:Private/Welcome. It also matches any files prefixed with kwGridPrivate.
Sadly, this is flawed. The <LocationMatch> directive matches an URL, but does not match the query string. Thus, there is no way to restrict access to a page when it is accessed using any of the history/diff/edit/move action. For example, http://public.kitware.com/Wiki?title=KwGrid:Private/Welcome&action=edit gives unrestricted access to the page, since the http://public.kitware.com/Wiki URL does not match our regexp.
After some talk with the developpers, it seems MediaWiki is actually not designed to protect pages from being read.