On 3/11/2015 8:58 AM, Graeme Pietersz wrote: > On 11/03/15 12:25, Andy Goth wrote: >> All you have to do is take away all of nobody's privileges. >> >> f user capabilities nobody "" >> >> Can also be done with the web interface. > > And the same for anonymous surely?
No need. anonymous inherits its ability to log in from nobody. Taking away nobody's privileges also takes away anonymous's privileges. The user administration page says: "No login is required for user nobody. The capabilities of the nobody user are inherited by all users, regardless of whether or not they are logged in. To disable universal access to the repository, make sure that the nobody user has no capabilities enabled. The password for nobody is ignored." If you like, you can explicitly move nobody's privileges to anonymous so that anonymous login is required. You would do this to give every human access but block spiders. "Login is required for user anonymous but the password is displayed on the login screen beside the password entry box so anybody who can read should be able to login as anonymous. On the other hand, spiders and web-crawlers will typically not be able to login. Set the capabilities of the anonymous user to things that you want any human to be able to do, but not any spider. Every other logged-in user inherits the privileges of anonymous." -- Andy Goth | <andrew.m.goth/at/gmail/dot/com>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
