Apache2, HTTP Digest Auth and MoinMoin

The MoinMoin wiki has to be where documentation goes to die.  I've never worked with a piece of software that has such crummy docs, everything is half done etc..  It makes a strong argument towards never using a Wiki for documentation.

Anyways, here's my recipe to get HTTP Digest authentication working with MoinMoin on apache2.  It wasted some of my time to get it all right, so hopefully this helps someone since the docs won't.

HTTP Auth Digest for MoinMoin

Tested on apache2 on ubuntu.

  1. Enable auth_digest:

    # ln -s /etc/apache2/mods-available/auth_digest.load /etc/apache2/mods-enabled
    
  2. Create your digest file:

    # cd /etc/apache2
    # htdigest -c nyaruka.digest nyaruka nicp
    Adding password for nicp in realm nyaruka.
    New password: #########
    Re-type new password: ########
    
  3. Edit your Moin apache2 config:

    <VirtualHost *:80>
      ServerAdmin admin@nyaruka.com
      ServerName wiki.nyaruka.com
      DocumentRoot /home/wiki/wiki
    
      <Location />
        AuthType Digest
        AuthName "nyaruka"
        AuthUserFile /etc/apache2/nyaruka.digest
        Require valid-user
      </Location>
    
      <IfModule mod_wsgi.c>
         # See the link below for an introduction about this mod_wsgi config.
         # http://groups.google.com/group/modwsgi/browse_thread/thread/60cb0ec3041ac1bc/
         WSGIPassAuthorization On
         WSGIScriptAlias / /home/wiki/wiki/moin.wsgi
         WSGIDaemonProcess wiki user=wiki group=wiki processes=7 threads=1 display-name=%{GROUP}
         WSGIProcessGroup wiki
         WSGIApplicationGroup wiki
      </IfModule>
    
      ErrorLog /home/wiki/logs/error.log
      LogLevel warn
      CustomLog /home/wiki/logs/access.log combined
      ServerSignature On
    </VirtualHost>
    
  4. Edit your MoinMoin wikiconfig.py, adding these lines in the LocalConfig object:

    from MoinMoin.auth import GivenAuth
    auth = [GivenAuth(autocreate=True)]
    
    # presence (or absence) of 'given' auth name, e.g.:
    auth_methods_trusted = ['given', 'xmlrpc_applytoken']
    
  5. Restart apache and things should work.

view raw readme.rst hosted with ❤ by GitHub