(Unrelated to IncludingAuthenticatedURLs, so moved to separate topic. Please look at WebHome - there's a form to create new questions there, rather than editing an existing page.) -- RichardDonkin

Question

Firewall questions, newbi

I'm thinking of using this across multiple firewalls. How do I recreate the data from each TWiki database, using something like rdist, I suppose, to mirror the data? I would like to make some of the pages visible to certain organizations, is there a way to do this to gaurantee that data that should be kept hidden Please view in a fixed-width font such as Courier.

 

                         /---\
                        |User |
            /---\       | B   |
           |User |       \--+/
           | A   |          |
            \---X          |         /---\
                 \         |        |User |
                  \\      |         | C   |
                    \     |          X---/
                     \   |         //
                      *--+-----+ //
                      |        |/
                      |Twiki 1 |
                      |        |
                      +---/\---+
                         /  \     Firewall
                   ---------------------
                \      /       \      /
                 \\   /         \    / Firewall
                   \  /          \  /
           Firewall \/            \X
                    /\\          // \              /---\
            +------/--+\        /+---\------+    -+User |
            |         | \      / |          | --- | K   |
            |Twiki 2  +--\\---/--+Twiki 3   +-     \---/
            |         |    \ /   |          \\
            |         |     X    |          | \\
          //+--+--\---+          +-----+----+   \/---\
        //     |   \\                  |        |User |
  /---\/       |     \                |         | J   |
 |User |      |       \               |          \---/
 | X   |      |      /---\            |---\
  \---/       |     |User |          |User |
           /---\    | Z   |          | I   |
          |User |    \---/            \---/
          | Y   |
           \---/

(Couldn't get the fixed font to work!)

In this case Users A,B,C are collaborating tightly, Users X,Y and Z are tight, Users I, J and K are tight - but there are only portions of the each of the group files that we want to share amongst each other.

Any ideas how to do this?

Thanks

Patrick

View this diagram by editing the topic - '?raw=on' doesn't help. --RD

• TWiki version:
• Web server:
• Server OS:
• Web browser:
• Client OS:

-- PatrickMoran - 01 Mar 2002

Answer

The simplest approach is to have a single TWiki, with one web per group, and just set up the firewalls to allow authenticated users into the TWikis - you could also implement TWikiAccessControl to ensure that each group can see only some parts of the other groups' webs. Locating the TWiki server in a DMZ is a variant of this - another option is to locate the TWiki server in a fourth location that can be reached from all sites, using SSL and suitable authentication to keep the site secure. However, TWiki is not really intended for high security, since it usually lives on an intranet (or has non-security-sensitive info when on the Internet).

If you really want the separate TWiki servers, the same principles of firewall setup apply, i.e. users would get at a remote TWiki through the firewalls - you might want unified authentication across all the servers, which requires some coding/setup. However, if you really can't get at the TWikis through the firewalls, and you can't locate the TWiki servers in suitable DMZs next to each firewall, you'll have to investigate ReadWriteOfflineWiki, which is quite non-trivial. If you can make do with ReadOnlyOfflineWiki, that's a lot simpler.

-- RichardDonkin - 02 Mar 2002