ISG Web>CourseAccounts>CourseWebpage>RequireUseridsForSecureWebAccess (revision 4)~~EditAttach~~

Requiring Userids for Secure Web Access

This is documented at http://www.math.uwaterloo.ca/mfcf/faq/www_author.html#www/features_access_imap.faq.

In short, for any page in the same directory as (or a subdirectory of) the directory containing a .htaccess file with the following two lines:

require valid-user
!SSLRequireSSL

will require WatIAM authentication via CAS before allowing access, and then will serve the page over a secure connection.

Please note that while the old Solaris web server required that the line PerlAuthenHandler Apache::AuthenURL be in the .htaccess file, the Linux web server requires you not to have it.

The web server will require that all such pages are accessed via the https:// protocol instead of http://, so make sure you set any links on your page accordingly.

NB: If anybody knows how to get http:// to forward to https:// automatically on appropriate pages, please document it here.

See also:

HtaccessForPHP if you are planning on implementing any pages in PHP.
RestrictingWebAccessToCourse to restrict access to particular pages to certain userids.

Topic revision: r4 - 2010-09-20 - TerryVaskor

ISG Web

ISG Web Home
- Changes
- Index
- Search

Webs
- AIMAS
- CERAS
- CF
- CrySP
- External
- Faqtest
- HCI
- Himrod
- ISG
- Main
- Multicore
- Sandbox
- TWiki
- TestNewSandbox
- TestWebS
- UW

My links
- People
- CERAS
- WatForm
- Tetherless lab
- Ubuntu Main.HowTo
- eDocs
- RGG NE notes
- RGG
- CS infrastructure
- Grad images

Edit

Instructional Support Group, David R. Cheriton School of Computer Science, University of Waterloo