Connect to the Purdue Home Page

Purdue University

Identity and Access Management

I2A2::Acess Module

[Apache Documention]

Apache HTTP Server Version 1.3


This module is part of the of the I2A2 package. It restricts access to files by user or user characteristics via the I2A2 Authorization DataBases.

AllowUser

Syntax: AllowUser user user...
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access

The AllowUser directive selects which authenticated users can access a directory. The arguments can be PUIDs or I2A2 aliases.

A user whose PUID or alias appears in the list will be allowed access to the directory. This overrides the effect of any previous DenyUser directive for the PUID or alias.

The special string, "clear-list", may be used to clear the list of allowed users. It should appear as the first argument to AllowUser:

AllowUser clear-list bob tom
            

The AllowUser directive only affects access when the directory's access handler is I2A2::Access.

See also DenyUser and CharsExp.

DenyUser

Syntax: DenyUser user user...
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access

The DenyUser directive selects which authenticated users cannot access a directory. The arguments can be PUIDs or I2A2 aliases.

A user whose PUID or alias appears in the list will be denied access to the directory. This overrides the effect of any previous AllowUser directive for the PUID or alias.

The special string, "clear-list", may be used to clear the list of denied users. It should appear as the first argument to AllowUser:

DenyUser clear-list alice carol
            

The DenyUser directive only affects access when the directory's access handler is I2A2::Access.

See also AllowUser and CharsExp.

CharsExp

Syntax: CharsExp expression
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access

Each CharsExp directive defines a characteristic expressions for the directory. Multiple characteristic expressions may be defined. If any characteristic expression in a directory evaluates to "TRUE" for a user, the user is allowed access to the directory.

When a CharsExp directive appears in a directory section, no characteristic expressions will be inherited for the directory.

The CharsExp directive only affects access when the directory's access handler is I2A2::Access.

See also AllowUser, DenyUser

DefaultRealm

Syntax: DefaultRealm realm
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access

The DefaultRealm directive specifies the authentication realm which is selected by default when users are prompted to authenticate.

When no DefaultRealm directive applies, the Purdue realm is used.

Realms

Syntax: Realms [+|-]realm [+|-]realm...
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access

The Realms directive specifies which authentication realms are trusted under this directory. A list of realms may be listed, or the current list may be augmented by adding or deleting realms.

The special realm name "Any" is used to accept authentication in any of the available realms.

Realms +Bob		# add Bob to the list of currently accepted realms
Realms Purdue	# only accept authentcation in the Purdue realm
Realms Any -Bob	# accept authentcation in any realm except Bob
            

The default is to accept authentication in any of the available realms.



Apache HTTP Server Version 1.3

Feedback | Contact Purdue
Maintained by: IAMO Team

Purdue University, West Lafayette, IN 47907, (765) 494-4600
© 2010 - 2013 Purdue University | An equal access/equal opportunity university | Copyright Complaints
If you have trouble accessing this page because of a disability, please contact the CSC at itap@purdue.edu or (765) 494-4000.