|
Web Design > Restricting Access by Username and Password You can restrict access to a Web directory to a specific list of users. Users will be required to log in when attempting to access documents you place in this directory. If all of the users that need access to your documents are affiliated with Columbia, you can make use of their regular I.D.s and passwords that they are accustomed to entering (University Networked I.D.s or UNI's). For users not affiliated with columbia, you must maintain a list of user names and passwords. If you are going to maintain this list and place your files on the regular server, you should follow the instructions for using the regular server. However, placing your files on the secure server will add an extra measure of security. If your users include both columbia and non-columbia users, you may have those with UNI's use that ID system, and for the others, you may maintain your own username and password list. You are required to use the secure server if your users will be using their UNI's. Where to Put Your Documents on the Secure Server If you are creating these documents for an official site (not in your personal account web space), then your documents should reside on the Columbia's secure Web server somewhere underneath /wwws/data; For example, if your documents reside on the regular server in /www/data/cu/arthistory then your documents on the secure server should reside in /wwws/data/cu/arthistory. The URL is then https://www1.columbia.edu/sec/cu/arthistory/ If you are creating these documents for your personal account web space (~username), you need to make a directory called secure_html in your home directory (not in your public_html directory), to hold your files. The URL is then https://www1.columbia.edu/~username/ The group associated with the directory where you will put your files should be www and the permissions set so that only the owner and group may read. To change the group and set the permissions for your directory you must use the setweb command. This command must be used after you create the directory, and before you put any files in it. So, at the prompt you would type setweb directory-name. Here is an example:
$ pwd
/wwws/data/acis/rad/ $mkdir stuff $ ls -ldg stuff drwxr-x--- 2 ariel staff 512 Jul 28 15:34 stuff $ setweb stuff $ ls -ldg stuff drwxr-s--- 2 ariel www 512 Jul 28 15:34 stuff Now Ariel can move files into her directory or create new files to save in that directory. They will all have the correct group associated with them. For all of these files, she should set the permissions so that the owner and group have read permission, but not others. Controlling Access to Your Documents on the Secure Server Next, to restrict access to your documents, you need to create a file with the name .htaccess in the top-level directory of the documents which you wish to protect. In the .htaccess file, you must begin with the following lines: AuthType Basic AuthName "test" AuthKrbUserType type-of-lookup where "test" is whatever you would like to name your project (in double quotes) and type-of-lookup is either krb, udb, or both, depending on how you want the user id to be checked. To continue your .htaccess file chose your method of access:
« Back to Managing Access |
 |
|
|
 For Columbia Users For Non-Columbia Users (Sec.) For Non-Columbia Users (Reg.) For Both Columbia and Non-Columbia Users Creating a Logout Page  Making a Directory Setting Permissions |
|
|
|
CU Home | |
A-Z Index | Help | |
|
|
 |
|
|
|
|
|
|
||||||
|
|
|
|||
|
|||||
|
|
 |
|||
|
|
|
|||
|
|
|
|||