I am not sure what the right approach is. We could provide optional
authentication but this may be better addressed by people implementing
access controls in Apache ie. adding Basic auth to particular URLs. You
could certainly easily disable writing by setting proper permissions on
conf/
On Apr 11, 2011, at 9:07 PM, Vladimir Vuksan wrote:
I am not sure what the right approach is. We could provide optional
authentication but this may be better addressed by people implementing access
controls in Apache ie. adding Basic auth to particular URLs. You could
certainly easily
I think that we should punt authentication to other systems/modules
that are dedicated to doing so. Apache (et al) have lots of ways of
handling authentication, and I don't see *any* reason to reinvent the
wheel here, and a lot of reasons not to.
If we want to provide hooks to allow for access