[ic] Restricting access to PDFs
emailgrant at gmail.com
Mon Jul 31 23:49:09 EDT 2006
> > I'd like to limit the display of PDF files to admins. I've put my
> > PDFs in a directory below the docroot and set up apache2 to require
> > authentication to access that directory. The whole thing works fine,
> > But I was wondering if there might be an IC way to do this?
> Sure is.
> In your "pages/" directory, create a directory to hold your PDFs. In
> that directory, drop in two files: ".access" and ".access_gate".
> ".access" is an empty file that tells IC to look at ".access_gate" when
> gating access to requests within this directory.
> ".access_gate" contains a simple list of rules that define what content
> is available to a user, where the left side defines what pages in that
> directory are effected and the right side defines an expression that
> should return true or false.
> So - say your admins have a session variable set that's "is_admin", your
> access gate might look like:
> public_pdf.pdf : 1
> * : [data session is_admin]
> The file "public_pdf.pdf" would be available to everyone. Everything
> else would be only available to sessions that have "is_admin" set to a
> true value. The * applies to all pages in this directory.
> The only caveats I've found - rules you apply in a parent directory
> don't apply to a child directory, so if you've got a tree of pages you
> need to drop ".access_gate" and ".access" files into each one.
> Docs here:
> But - in my experience, this is pleasantly easy.
> As to HTTPS only access - try tweaking AlwaysSecure in your catalog.cfg.
> That'll make ic link to the directory always with a secure link. You'll
> still probably need an Apache Rewrite rule, though, to keep direct
> accesses to PDFs under HTTPS.
That sounds right on. Do you know in what version of IC this was
implemented? Thanks a lot for the tips.
More information about the interchange-users