[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GMG-Devel] Reg. temp access to private mg instance

From: Joar Wandborg
Subject: Re: [GMG-Devel] Reg. temp access to private mg instance
Date: Mon, 01 Oct 2012 22:13:55 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.6esrpre) Gecko/20120817 Icedove/10.0.6

On 09/30/2012 11:58 PM, Diptorup Deb wrote:
> Hi -
> Is it possible to set up a private mediagoblin instance which can be
> then shared with others via an expirable  token of some sort?
> Thanks in advance.
> ~ drd
> _______________________________________________
> devel mailing list
> address@hidden

Hi Diptorup, currently there's nothing such.

The OAuth plugin contains functionality for expiring tokens, but those
are only used on API views such as /api/submit and /api/entries and
probably won't change.

If you describe your use case providing a bit more details it would be
possible to file a ticket over at and see
if someone jumps on it.

The setup that would get closest to fit the use case you describe would
be to set up mediagoblin according to and then set up the
front-end web server (nginx, apache, lighttpd, ...) to require HTTP
authentication and then handle authentication within the front-end web
server scope. This would effectively restrict access to anyone not
having a set of issued credentials.

Such front-end web server authentication methods are described at the
following places: (Apache) (nginx)

As far as I know there is no functionality within any front-end web
server to make the credentials expire but I bet you can prove me wrong
on that part.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]