Okay.
I have everything in properly now as far as I know.
The stack is:
plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \
org.dspace.authenticate.IPAuthentication, \
org.dspace.authenticate.PasswordAuthentication
authentication.ip.Restricted_Access = 142.66,\
142.110.191/24
My group is called Restricted_Access with no members.
It shows up in the list of items I have groups I'm a member of when I login.
The Default Collection policy is:
Policies for Collection "Licensed Resources" (10133/3223,ID: 69)
Click here to add a new policy.
ID Action Group
142028 READ Anonymous [Edit]
142011 DEFAULT_ITEM_READ COLLECTION_69_DEFAULT_READ [Edit]
142010 DEFAULT_BITSTREAM_READ COLLECTION_69_DEFAULT_READ [Edit]
141935 ADD COLLECTION_69_WORKFLOW_STEP_1 [Edit]
141934 ADMIN COLLECTION_69_ADMIN [Edit]
The default item policy is:
ID Action Group
Item Policies Add a new Item policy
142023 READ COLLECTION_69_DEFAULT_READ [Edit]
Policies for Bundle LICENSE (10859) Add a new Bundle policy
142025 READ COLLECTION_69_DEFAULT_READ [Edit]
Bitstream license.txt (11511) Add a new Bitstream policy
142024 READ COLLECTION_69_DEFAULT_READ [Edit]
Policies for Bundle ORIGINAL (10858) Add a new Bundle policy
142027 READ COLLECTION_69_DEFAULT_READ [Edit]
Bitstream authentication-ip.cfg (11510) Add a new Bitstream policy
142026 READ COLLECTION_69_DEFAULT_READ [Edit]
COLLECTION_69_DEFAULT_READ has the restricted group in it.
When I have an item in the collection, the IP restriction does not work. You
can still access the item http://hdl.handle.net/10133/3224 without having a
restricted IP.
--
Jake Cameron, BCS(UNB)
Systems Support Specialist III
Information Systems and Technical Services University of Lethbridge Library
Phone:(403)329-2756
This e-mail, including any and all attachments, is only for the use of the
intended recipient(s) and may contain information that is confidential or
privileged. If you are not the intended recipient, you are advised that any
dissemination, copying or other use of this e-mail is prohibited. Please notify
the sender of the error in communication by return e-mail and destroy all
copies of this e-mail. Thank you.
-----Original Message-----
From: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] On Behalf Of helix84
Sent: Wednesday, November 21, 2012 8:02 AM
To: Cameron, Jacob
Cc: dspace-tech@lists.sourceforge.net
Subject: Re: [Dspace-tech] IP Restriction to Bitstreams in a collection
On Wed, Nov 21, 2012 at 3:56 PM, Cameron, Jacob <jacob.came...@uleth.ca> wrote:
> Sorry Helix. I am running 1.7.1 right now. I thought I had included that in
> my email.
Right, so the correct property name is authentication.ip.Restricted_Access
>> 2) Edited dspace.cfg with authenticate.ip.Restricted_Access = 142.66, /
>> 142.110.191,
I didn't look at the right hand side before, but now I see that it's also
misformatted. If the slash is supposed to separate lines, you have to use a
backslash, not a forward slash, and it has to be followed immediately by the
newline character. If you meant to use forward slash as a netmask separator in
CIDR notation, than it has to be after the IP. E.g. 142.110.191/24 would
represent the range
142.110.191.0 - 142.110.191.255.
Regards,
~~helix84
Compulsory reading: DSpace Mailing List Etiquette
https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
