I2A2::Acess Module
This module is part of the of the I2A2 package. It restricts access to files by user or user characteristics via the I2A2
Authorization DataBases.
AllowUser
Syntax: AllowUser user user...Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access
The AllowUser directive selects which authenticated users can access a directory. The arguments can be PUIDs or I2A2 aliases.
A user whose PUID or alias appears in the list will be allowed access to the directory. This overrides the effect of any previous DenyUser directive for the PUID or alias.
The special string, "clear-list", may be used to clear the list of allowed users. It should appear as the first
argument to AllowUser:
AllowUser clear-list bob tom
The AllowUser directive only affects access when the directory's access handler is I2A2::Access.
See also DenyUser and CharsExp.
DenyUser
Syntax: DenyUser user user...Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access
The DenyUser directive selects which authenticated users cannot access a directory. The arguments can be PUIDs or
I2A2 aliases.
A user whose PUID or alias appears in the list will be denied access to the directory. This overrides the effect of
any previous AllowUser directive for the PUID or alias.
The special string, "clear-list", may be used to clear the list of denied users. It should appear as the first argument
to AllowUser:
DenyUser clear-list alice carol
The DenyUser directive only affects access when the directory's access handler is I2A2::Access.
See also AllowUser and CharsExp.
CharsExp
Syntax: CharsExp expressionContext: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access
Each CharsExp directive defines a characteristic expressions for the directory. Multiple characteristic expressions
may be defined. If any characteristic expression in a directory evaluates to "TRUE" for a user, the user is allowed access
to the directory.
When a CharsExp directive appears in a directory section, no characteristic expressions will be inherited for the directory.
The CharsExp directive only affects access when the directory's access handler is I2A2::Access.
See also AllowUser, DenyUser
DefaultRealm
Syntax: DefaultRealm realmContext: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access
The DefaultRealm directive specifies the authentication realm which is selected by default when users are prompted to
authenticate.
When no DefaultRealm directive applies, the Purdue realm is used.
Realms
Syntax: Realms [+|-]realm [+|-]realm...Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: I2A2::Access
The Realms directive specifies which authentication realms are trusted under this directory. A list of realms may be
listed, or the current list may be augmented by adding or deleting realms.
The special realm name "Any" is used to accept authentication in any of the available realms.
Realms +Bob # add Bob to the list of currently accepted realms Realms Purdue # only accept authentcation in the Purdue realm Realms Any -Bob # accept authentcation in any realm except Bob
The default is to accept authentication in any of the available realms.