The new security layout provides more granularity when it comes to choosing who can access your website. While at first it may look intimidating the concept is quite simple. Each of the two axis provide the where and who of the new security system. The numbers 1-4 are locations of potential users (the where) and the letters A-H are (the who) that can access your site. So it is as easy as picking the place where you want the user to be and then the who and finding the intersection in the table. Below is a grid layout of the new security levels which will allow you to do that, and below that are some examples of the most common requested security levels.
|IP Address Restrictions|
|1. Open to Any Address (no restriction)||2. Open to Any Purdue University Address||3. Open to Any Purdue University West Lafayette Address||4. Open to a Custom List of IP Addresses (a subnet, block, etc.)|
|User/Group Restrictions||A. Open to Any User (no restriction)||1A||2A||3A||4A|
|B. Open to Purdue Career Account & Password||1B||2B||3B||4B|
|C. Open to Purdue Faculty & Staff Only||1C||2C||3C||4C|
|D. Open to Purdue Students Only||1D||2D||3D||4D|
|E. Open to a Department or Group of Departments||1E||2E||3E||4E|
|F. Open to a Specific Career Account List1||1F||2F||3F||4F|
|G. Global ID & Password (not LDAP)||1G||2G||3G||4G|
1 This can be done with an .htgroup file maintained and deployed to each tier by the developer (preferred) or as a static list maintained by Web Services.
2 Contact email@example.com for assistance.
Below are some examples of how to use the table, each of the bold phrases are the key components in the questions.
|Desired Access||Requested Security Level|
|I want Purdue Students Only to access my site but it doesn’t matter where they are||Any IP Address and Purdue Students = 1D|
|Any IP Address = 1||Purdue Students = D|
|I want only people on the West Lafayette Campus to access my site but it doesn’t matter who they are||Any Purdue University West Lafayette Address and Any User = 3A|
|Any Purdue West Lafayette Address = 3||Any User = A|
|I want a single username and password for my site and it doesn’t matter where its accessed from||Any IP Address and Single Sign-on = 1G|
|Any IP Address = 1||Global ID & Password (Single Sign-on) = G|
|I want a certain subnet to access my site with their Career Account||Specific Subnet and Purdue Career Account = 4B|
|Specific Subnet = 4||Purdue Career Account = B|