[WEB4LIB] Secure directory
Mark Pecaut
pecautm at missouri.edu
Tue Dec 5 11:34:27 EST 2000
Always second-guess your IT department. They are often wrong.
Sounds like a job for .htaccess. Follow these instructions:
http://depts.washington.edu/catalyst/how-to/htaccess/access.htm
The whole thing could be scripted with cgi scripts (so they could
set the password via the web instead of having to telnet in).
-Mark
On Tue, Dec 05, 2000 at 08:19:08AM -0800, George Fowler wrote:
> Hi all,
>
> We are starting to implement an electronic reserves in our library.
> We are going to use our catalog, Voyager, to access these reserves.
>
> The system we plan to use seemed very simple; we would create a secure
> directory on our Apache server, and within this directory we would
> create subdirectories that contain the reserve items for a particular
> class when they got added. All links from Voyager for a particular
> class would go to a login.htm type page within each subdirectory that
> would require them to input a password that they received from their
> instructor. After validating, they would see an "index page" listing
> all documents on reserve for that class.
>
> I would like to insure that none of the pages in this directory could
> be bookmarked, accessed directly by entering the URL, or in anyway
> accessed without validating through the login page.
>
> Sounds easy. The problem I'm having with our IT department is that
> they are saying we would need commercial software to protect a
> directory, and subsequent subdirectories in the manner I want.
>
> Please help with anything you feel would be relevant. If they are
> correct, then I would appreciate any information about good vendors.
> If they are incorrect, then I would appreciate knowing how we can
> protect the directories.
>
> Thank you in advance for your help.
>
> George Fowler
> Electronic Services Manager
> Embry-Riddle Aeronautical University
More information about the Web4lib
mailing list