| Previous · Next | |
| User | Message |
|
dannymk
|
Date: 9/13/2011 3:33 pm · Subject: Filesystem access without apache · Rating: 0
Got a directory /usr/local/securefiles Need to grant access to the files in that directory using WebGUI authorization. The files will be displayed using a yui datatable having one of the fields be a link that will download the file from this "secure" directory. http://developer.yahoo.com/yui/examples/datatable/dt_xhrjson.html I already built the macro that generates the file list (json); I have already built a snippet that creates the YUI datatable wich includes the link to download the file. The problem is secure access to the files. The files are readily downloadable however there is no way to secure them by using the webgui admin interface. Does anyone have a way to do this? Can it be done using WebGUI or do I have to manually copy .htaccess .wgaccess files to the /usr/local/securefiles directory? |
| Back to Top |
Rate [ | ]
|
|
perlDreamer
|
Date: 9/13/2011 5:40 pm · Subject: Re: Filesystem access without apache · Rating: 0
If there was only going to be a few levels of security, I would build a custom Content handler for determining if a user should have access to the directory. It would have a simple admin interface so you could pick a group and a sub-directory out of /usr/local/securefiles. Then, the content handler would do a check to see if the requested URL contained any of those URLs, and then check to see if the user in the current session had the correct permissions to see that URL. You could do this as a URL handler, but you need a full WebGUI session to do the permission checks, and while a Content handler is buried deeper and may affect your page generation speed, content handlers share a session between them. |
| Back to Top |
Rate [ | ]
|
