iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

371

372

373

374

375

376

377

378

379

380

Configuration Directives

iTP Secure WebServer System Administrator’s Guide—523346-002

A-53

Region Commands

To use SI_Department command in a Region directive, enter the following:

Region /foo/* {

SI_Department 5 -ForceTicketInUrl On

SI_RequireSI 5 20 30

}

SI_RequireSI department-id group-list

The SI_RequireSI command protects a region; requests for resources within the

region are only granted to users with a valid ticket.

The ticket’s message authentication code (MAC) must be encoded with the proper

secret, indicated by the department ID (department-id).

The group ID specified in the ticket must match one of the groups listed in

group-list. If the group-list includes more than one group ID, list the

broadest group first and the most specific last.

This command has no defaults.

To use SI_RequireSI command in a Region directive, enter the following:

RequireSI 1 10 20

This example makes the region accessible only to users who are members of

groups 10 or 20, in department 1.

UserDir [-symlink-disable] [-symlink-owner] user-dir

The UserDir command sets the name of the user directory (user-dir) that is to

be accessed whenever a URL begins with a tilde (~). Any URL beginning with a

tilde (~) is mapped to the specified directory within the indicated local user’s home

directory.

The options include

-symlink-disable

This option disables symbolic links to files in the specified directory. As a result,

the iTP Secure WebServer returns a “not found” message in response to any

attempt to access a path that contains a symbolic link.

-symlink-owner

This option is similar in function to the -symlink-disable option; it disables

symbolic links, but only if these symbolic links are owned by someone other

than the owner of the files to which the symbolic links point.

The UserDir command overrides for specified regions the global specifications

set for the same items by the UserDir directive. For further information about

using the UserDir directive, see UserDir on page A-73.