## <a name="Authentication Options"></a> Authentication Options
-No special installation steps are required if the server is already authenticated. If it isn't, you have three standard options for controlling user access:
-
-1. **Forget about authentication** to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the [[TWikiGuest]] default identity, so you can't track individual user activity. <br />
-2. **Use SSL (Secure Sockets Layer; HTTPS)** to authenticate and secure the whole server. <br />
-3. **Use Basic Authentication (.htaccess)** to control access by protecting key scripts: `attach`, `edit=`, `installpasswd`, `preview`, `rename`, `save`, `upload` using the <code>**.htaccess file**</code>. The [[TWikiInstallationGuide]] has step-by-step instructions.
+No special installation steps are required if the server is already authenticated. If it isn't, you have these options for controlling user access:
+
+1. **No login at all:** Forget about authentication to make your site completely public - anyone can browse and edit freely, in classic Wiki mode. All visitors are assigned the [[TWikiGuest]] default identity, so you can't track individual user activity.
+ - **How:** Default, no web server configuration necessary
+2. **No login to view; require login to edit:** Keeping track of who changed what and when, while keeping view access unrestricted is desirable in most TWiki deployments. This option is not suitable if you need [[TWikiAccessControl]] for view restricted content since TWiki does not know who a user is when looking at content.
+ - **How:** Use Basic Authentication (`.htaccess`) to control access by protecting key scripts: `attach`, `edit`, `installpasswd`, `manage`, `preview`, `rename`, `save`, `upload` using the <code>**.htaccess file**</code>. The [[TWikiInstallationGuide]] has step-by-step instructions.
+3. **No login to view _unless necessary_; require login to edit:** You prefer not to bother the user with login for unrestricted content, but you need [[TWikiAccessControl]] for view restricted content. There are two ways to accomplish this:
+ - **How 1:** Use Basic Authentication with Partial Authentication (described below)
+ - **How 2:** Use one of the Session TWiki:Plugins where you give the user the option to login and logout.
+4. **Require login to view and edit:** Most restrictive, but TWiki knows who the user is at all times. There are two ways to accomplish this:
+ - **How 1:** Use Basic Authentication to authenticate the whole `twiki/bin` directory. Consult your web server documentation.
+ - **How 1:** Use SSL (Secure Sockets Layer; HTTPS) to authenticate and secure the whole server. Consult your web server documentation.
### <a name="Partial Authentication"></a> Partial Authentication
git://git.openafs.org / openafs-wiki.git / blobdiff