8.8. Controlling Page Access With UserDB
Interchange can implement a simple access control scheme with the user database. Controlled pages must reside in a directory which has a file named .access that is zero bytes in length. (If it is more than 0 bytes, only the RemoteUser or MasterHost may access files in that directory.)
Set the following variables in catalog.cfg:
Variable MV_USERDB_ACL_TABLE userdb Variable MV_USERDB_ACL_COLUMN acl
The MV_USERDB_ACL_TABLE is the table which controls access, and likewise the MV_USERDB_ACL_TABLE names the column in that database which will be checked for authorization.
The database entry should contain the complete Interchange-style page name of the page to be allowed. It will not match substrings.
For example, if the user flycat followed this link:
<A HREF="[area cartcfg/master_edit]">Edit</A>
Access would be allowed if the contents of the userdb were:
code acl flycat cartcfg/master_edit
and disallowed if it were:
code acl flycat cartcfg/master_editor
Access can be enabled with:
[userdb function=set_acl location="cartcfg/master_edit"]
Access can be disallowed with:
[userdb function=set_acl delete=1 location="cartcfg/master_edit"]
Of course, a pre-existing database with the ACL values will work as well. It need not be in the UserDB setup.