Restricting Web Page Access
If your web service uses Web Login for authentication, web server administrators can use the following method to restrict access based on Carnegie Mellon groups:
Services Using Web Login (Recommended)
Web services that have adopted Shibboleth-based, Web Login are eligible for improved methods of extracting information for authentication. Your web service can be provisioned in a way to pull group, real name or other information for which you are entitled with no need to access the mod_ldapauthz module. For help with configuration, refer to the Shibboleth Authentication document.
Web Login based services can use the mod_ldapauthz module to restrict access based on Carnegie Mellon groups; for help, refer to Configuring the mod_ldapauthz Module. If your service is already configured for mod_ldapauthz, but you are now authenticating through Web Login, mod_ldapauthz will continue to work; however, keep in mind that your service would be eligible for additional authentication capabilities if you use the Web Login/Shibboleth configuration steps (see above).
Last Updated: 8/29/13