[ic] Restricting access to PDFs
Peter
peter at pajamian.dhs.org
Mon Jul 31 23:06:22 EDT 2006
On 07/31/2006 07:52 PM, Grant wrote:
> I'd like to limit the display of PDF files to admins. I've put my
> PDFs in a directory below the docroot and set up apache2 to require
> authentication to access that directory. The whole thing works fine,
> but I was wondering if there might be an IC way to do this?
IC can control who will get a link to the PDF on an IC page, but it's a
lot more difficult to control who has access to the PDF apart from
controlling with the web server.
One possible solution is to use mod_auth_tkt and issue an authentication
ticket from IC only to authorised admins. A usertag could be written to
issue the ticket. The downside to this approach is it requires cookies.
> Either way, is it possible to require an https request for the PDFs?
Yep, just put them in thier own directory outside of the normal webspace
and put an Alias directive inside the <VirtualHost> section for your
https setup.
Peter
More information about the interchange-users
mailing list