The only way to have a private ikiwiki, with a shared user database
for static pages and CGI authentication, is to use
httpauth. It would be good for httpauth to be on par with
passwordauth, i.e. to allow registering users, resetting
passwords, and changing passwords; supporting some kind of
account_creation_password configuration option would be nice, too.
I'll probably propose patches implementing this at some point. I've not had a single look at the code yet, but it may be nice to factorize the relevant passwordauth code, instead of rewriting it completely in httpauth.
Well, on such a private wiki, one can neither register herself nor reset his password: the registration page, as any other page, would be forbidden to non-authenticated users. Admin users should then be enabled to:
- register a new user
- reset someone else's password
In both cases, a brand new random password is sent by e-mail to the new user.
An authenticated user should nevertheless be able to change his own password. -- intrigeri