Controlling web page access
On this page:
- Using IU Network ID authentication with a virtual host address
- Allow all IU users
- Restrict to specific IU users
You can control who is able to view your web pages by using
.htaccess files in your
wwws directories and subdirectories. When using
.htaccess controls that require IU Network ID
authentication, you must use the [add link to
secure server doc].
By adding an
Error Document Directive to your
.htaccess file, you can provide custom error messages so
that users can contact you in case of problems.
When a user tries to access one of your web pages, the web server
looks for a
.htaccess file in the directory where the
file is stored. If there is a
.htaccess file present,
the user must meet the authentication requirements defined in the
file in order to view the page. If there is no
present, the web page will be displayed.
.htaccessfile is written, an Internal Server Error page will be displayed.
Using IU Network ID authentication with a virtual host address
With a virtual host, if you choose to restrict access in a way that
requires IU Network ID authentication as described in this document,
you must store the web content on the secure server
wwws directory). Doing so will require an additional
virtual host configuration on the server. To request this additonal
configuration, contact the IU
Webmaster. Requests may
take up to three business days for processing.
Allow all IU users
If you wish to restrict access to anyone who has an IU Network
ID/passphrase, you may do so by using a predefined access control
option available on Webserve. For security reasons,
you must use this in the
within your account.
To activate this option, log into your account on Webserve and
move to the
wwws directory. (To restrict
access to only certain subdirectories, move to the directory you
wish to restrict.) Type the following command:
Any person with an IU Network ID will be able to authenticate; others will receive a "403 Forbidden" error message.
Restrict to specific IU users
For security reasons, you may use this only in
wwws directory within your account.
To restrict access to certain IU Network IDs, create or modify a
.htaccess file to look something like this:
AuthGroupFile /dev/null AuthType CAS AuthName "IU Network ID" <Limit GET POST> require user greg peter bobby sam oliver </Limit>
The "AuthType" field is defined as
CAS, so website
visitors will be directed to the familiar CAS login screen, and must
use their IU Network usernames and passphrases to authenticate. The
require user directive within the
lists the IU Network usernames allowed to access the files in this
directory. In this case, the network usernames
oliver are permitted access. Everyone else will receive
an error message if they try to log in.
If your list of required users is long, make sure there are
no line breaks in the list of names. If your list exceeds the number
of characters that can be contained in one line, your users may
receive an "Internal Server Error" message instead of a login
box. The solution is to separate your list of users into several
require user statements, as shown:
<Limit GET POST> require user greg peter bobby sam oliver james ebenezer harold scott robert require user kate elizabeth sarah jennifer alison susan megan erica leslie </Limit>
With this type of authentication, users log in with their network usernames and passphrases, so you don't have to maintain passwords for them.
This is document bfro in the Knowledge Base.
Last modified on 2015-10-16 00:00:00.
- Fill out this form to submit your issue to the UITS Support Center.
- Please note that you must be affiliated with Indiana University to receive support.
- All fields are required.