[Moin-user] Add single login account to standalone wiki

Thomas Waldmann tw-public at gmx.de
Fri Sep 19 03:41:18 EDT 2008

> I have a basic standalone wiki (moin-1.6.2)

Updating that to 1.7.2 should be relatively easy.

> with default config and no authentication method. It is installed on a
> server for use inside a corporate firewall.


> The users want to password-protect the wiki by using single username
> and password that everyone on the team would use.

Could be done, but IMHO that is a bad idea.

If everybody uses the same username, you don't see who did what change.
If someone leaves the team, he/she will still know the password - no
easy way to revoke access. Also, the probability that such a "common
user/password" leaks out and is soon known by everybody is rather high.

So I suggest you have username/password for each user (as usual).
Then have a page UserGroup and put all legitimate usernames into a 1st
level list on that group definition page. Then use
UserGroup:read,write,delete,revert in your default acl.

If you do it that way, every UserGroup member can add new members to /
remove other members from the group definition. If that is not wanted,
just use a non-default acl on the UserGroup page.

> The help file indicates the basic authentication method by moin via
> username/password would import MoinMoin/auth/MoinAuth.
> from MoinMoin.auth import MoinAuth
> auth = [MoinAuth()]

Looks like you are reading the 1.7 docs (and auth is slighlty different

You have a full set of matching help pages in YOUR wiki.
If you read on masterXX.moinmo.in, be careful you choose master16 for
1.6, master17 for 1.7, ...

> The wiki front page has the standard login form at the top,

Usually every page has that Login link that shows the form.

> which allows profile creation. It is not clear if this is to be used
> in my case or if MoinAuth uses local accounts on the server.

Moin does not use UNIX or Windows user accounts by default.

> The login form is on the same page as the top level data page, so I am
> not sure how that protects the data.

Well, you could have a restrictive acl_rights_default and just open the
front page for everybody (the front page would not contain any sensitive
information in that case).

More information about the Moin-user mailing list