[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] Re: Restrict access to a virtual site raq4
- Subject: [cobalt-users] Re: Restrict access to a virtual site raq4
- From: Bruce Timberlake <bruce@xxxxxxxxxx>
- Date: Tue Dec 30 09:48:01 2003
- Organization: BRTNet
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
How can I set-up a virtual site that can only
be viewed by users of that virtual site?
I have searched through the mailing lists and .htaccess keeps cropping
up but both times it relates to allowing only a virtual sites users to
view a virtual site.
You would need to set up a .htaccess file that only allows members of
the specified group to authenticate.
I have also compared the directory structure of the a group on the Qube
to a virtual site on the raq. On the Qube the restricted folder is just
a folder inside the public folder. I cannot see a .htaccess file within
the private folder anywhere.
There would not be a .htaccess file in there now - you need to set it up
(use any text editor like vi or emacs). And remember, any file that
starts with . is "hidden" and you need to use the -a switch for ls to
see it ("ls -alF" for example). On the Qube the restriction is set up
using the rewrite rules in Apache I believe (don't have a Qube set up
right now to look at).
Check my .htaccess howto at
http://www.cobaltfaqs.com/wiki/index.php/PasswordProtectingDirectories
I'm thinking you could do something like this:
AuthPAM_Enabled off
AuthUserFile /etc/shadow
AuthGroupFile /etc/groups
AuthName "Extranet"
AuthType Basic
Order allow,deny
Allow from all
<Limit GET POST>
require group siteX
</Limit>
This will allow you to use the existing system passwd and group files.
Or you can do it as my howto describes and make a separate passwd file
that you have to manually update if the site users change/get added to/etc.
I'm sure I'm forgetting something... this should get you started though! :)