Artem Kuchin wrote:
Hello!
Where is the situation. I have a bunch of files (thousands) in a directory
structure which is accessible via direct url.
For example:
directory:
htdata/index.html
htdata/files
htdata/files/1/file1.dat
htdata/files/1/file2.dat
htdata/files/2/file3.dat
htdata/files/3/file4.dat
The poing is to make ONLY CERTAIN files avaible to users which
are logged in and qualified for access for the files.
For example: user john does logged in using apache auth scheme
and he is qualified (SOMEHOW. HOW to tell it to apache?)
for access to file2 and files4. After that this user can download them.
Access to all other files gives "forbidden".
Any idea?
Hi.
In function of what criteria is a user qualified or not to access which
file ? or in function of what criteria is a file said to be accessible
by which users ?
I mean, assuming that you are using Apache's Basic authentication, based
on Apache's htpasswd and group files, then Apache knows the user-id and
(possibly) the user's group(s) membership(s).
Then, on the other hand, you have your files. How do you decide which
file is accessible by whom ? Is it individual per user, per user group
? can you group the files which have similar access permissions in
separate directories ?
Example : let's say that there are 4 categories of files; files in
category#1 can be accessed by some users, files in category#2 by some
other users, etc..
Then you could split your files in sub-directories, and specify for each
subdirectory something like :
<Directory /var/www/mysite/htdata/files/1>
...
Require group group1 group99
</Directory>
<Directory /var/www/mysite/htdata/files/2>
...
Require group group2 group99
</Directory>
<Directory /var/www/mysite/htdata/files/only_supers>
# these files only accessible by "super-users"
...
Require group group99
</Directory>
<Directory /var/www/mysite/htdata/files/everyone>
# any authenticated user can access these files
...
Require valid-user
</Directory>
then you can arrange to have each of your users given one or more groups
: the users allowed to access files in "../files/1" would need to belong
to group1; the users allowed to access files in "../files/2" would need
to belong to group2; etc..
Users who can access both files/1 and files/2 need to be member of both
group1 and group2.
Users member of group99 (super-users) can access files in all directories.
Some files may have to be duplicated into more than one subdirectory.
Depending on your situation (number of users, number of files, number of
different categories of files, etc..) this may be practical or not.
There are really a lot of possibilities already with Apache itself, and
even more with add-on modules, but maybe provide some more details, so
that more suggestions can be offered.
André
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
