httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Artem Kuchin <mat...@itlegion.ru>
Subject Re: [users@httpd] Access control to files for logged in users only using apache
Date Wed, 04 Jun 2008 13:46:38 GMT


André Warnier пишет:
> Artem Kuchin wrote:
>> Hello!
>>
>> Where is the situation. I have a bunch of files (thousands) in a 
>> directory
>> structure which is accessible via direct url.
>>
>> For example:
>>
>> directory:
>>
>> htdata/index.html
>> htdata/files
>> htdata/files/1/file1.dat
>> htdata/files/1/file2.dat
>> htdata/files/2/file3.dat
>> htdata/files/3/file4.dat
>>
>> The poing is to make ONLY CERTAIN files avaible to users which
>> are logged in and qualified for access for the files.
>>
>> For example: user john does logged in using apache auth scheme
>> and he is qualified (SOMEHOW. HOW to tell it to apache?)
>> for access to file2 and files4. After that this user can download them.
>> Access to all other files gives "forbidden".
>>
>> Any idea?
>>
> Hi.
>
> In function of what criteria is a user qualified or not to access 
> which file ?  or in function of what criteria is a file said to be 
> accessible by which users ?
>
>
Well, basically software must open and close access to files, but access 
itself must granted or denied by apache.
For example:
1) apache authorized the user (basic login)
2) user does something that makes software set a cookie OR write a 
special file where it is specified what user has access to file
3) user is provied with the link and can download the file(s), apache 
control access using cookie (no secure at all) or the file with
permissions (nice and secure)


--
Artem



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message