httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From susan hall <sueh...@prodigy.net>
Subject [users@httpd] Qu re config for cookie string + ip access control
Date Fri, 07 Nov 2003 20:03:08 GMT
Hello,

I have a 1.3.28 webserver open to the world, that is used to update
member accounts.  Members login to the site with their domain and
password to get a cookie, then they can update their own stuff only.

This website also has a "superuser" account that has authority to modify
any and all accounts; it is a unique domain/password.  This special user
should be used only by a restricted set of  people who would come from
identifiable ip ranges, but the urls it will use are identical to the
urls for all members.

The "super" account can be seen and identified in the cookie.  I was
hoping to be able to use a combo of  SetEnvIf cookie and Allow from
directives to impose a more restricted access by ip on just this
superuser, but I can't see how to say to the server some variation of:
  If not superuser
     allow from all
  else
     allow from xxx.yyy.xxx

Any suggestion appreciated.

Thanks, Susan


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message