Index  Up  <<  

Controlling access to certain pages

If the directory containing the page has a file .access and that file is zero bytes long, then access can be gated in one of several ways.

1. If the file .access_gate is present, it will be read and scanned for page-based access. The file has the form:

      page: condition
      *: condition
   

   The page is the file name of the file to be controlled (the .html extension is optional); the condition is either a literal Yes/No or MiniVend tags which would produce a Yes or No (1/0 work just fine, as do true/false).

   The entry for * sets the default action if the page name is not found. If you want pages to be allowed by default, set it to 1 or Yes. If you want pages to be denied by default in this directory, leave blank or set to No. Here is an example, for the directory controlled, having the following files:

     -rw-rw-r--   1 mike     mike            0 Jan  8 14:19 .access
     -rw-rw-r--   1 mike     mike          185 Jan  8 16:00 .access_gate
     -rw-rw-r--   1 mike     mike          121 Jan  8 14:59 any.html
     -rw-rw-r--   1 mike     mike          104 Jan  8 14:19 bar.html
     -rw-rw-r--   1 mike     mike          104 Jan  8 14:19 baz.html
     -rw-rw-r--   1 mike     mike          104 Jan  8 14:19 foo.html
   

   The contents of .access_gate:

       foo.html: [if session username eq 'flycat']
                   Yes
                 [/if]
       bar:      [if session username eq 'flycat']
                 [or scratch allow_bar]
                   Yes
                 [/if]
       baz:      yes
       *:        [data session logged_in]
   

   The page controlled/foo is only allowed for the logged-in user flycat.

   The page controlled/bar is allowed for the logged-in user flycat, or if the scratch variable allow_bar is set to a non-blank, non-zero value.

   The page controlled/baz is always allowed for display.

   The page controlled/any (or any other page in the directory not named in .access_gate) will be allowed for any user logged in via UserDB.

   NOTE: The .access_gate scheme is available for database access checking if the database is defined as an AdminDatabase. The .access_gate file is located in ProductDir.

2. If the Variable MV_USERDB_REMOTE_USER is set (non-zero and non-blank) then any user logged in via the UserDB feature will receive access to all pages in the directory.

   NOTE: If there is a .access_gate file, it overrides this.

3. If the variables MV_USERDB_ACL_TABLE is set to a valid database identifier, the UserDB module can control access with simple ACL logic. See USER DATABASE.

   NOTE: If there is a .access_gate file, it overrides this. Also, if MV_USERDB_REMOTE_USER is set, then this capability is not available.

Index  Up  <<