Carnegie Mellon University

Use Authenticated Publication

Anyone who uses Publishing on www.andrew or UserWeb and CourseWeb KWPublish and enters the correct userID or course number can publish course and personal pages. If you want to control who can publish your pages, use authenticated publication to:

  • restrict read access to your www directory
  • prohibit others from publishing your pages

Use authenticated publication only for collections that have a configured .kwpublish file to restrict access by IP address or Andrew userID. To restrict the publication of your collection to specific individuals, or to a specific PTS group, follow the steps below.

Note: PTS groups make it easy to maintain a list of individuals who may publish your web pages. For more information about how to create and maintain PTS groups, type pts help at a UNIX prompt.

A .kwpublish file present in your www directory root indicates to the User/CourseWeb server that you want to use authenticated publishing. Follow these steps to create the .kwpublish file.

  1. Use a text editor, such as Notepad or Text Editor, and create a document with the userID(s) of those who are authorized to publish, following these examples.
    • If you want to authorize Jane Smith, whose Andrew userID is jsmith, type:
      jsmith
    • If you want to authorize more than one person to publish your files, enter their Andrew userIDs in succession, separated by a comma:
      jsmith,djones,gjohnson
    • If you want to authorize, in one document, both individuals and PTS groups to publish your files, for example, Andrew userID jsmith and anyone who is a member of the PTS group ju32:99-999, type the following:
      jsmith,ju32:99-999

      Save the .kwpublish text file without a file extension; the User/CourseWeb publishing server does not recognize file extensions. For example, if you create the file in Notepad, save it by selecting File > Save As; File name - .kwpublish; Save as type - All Files and click Save.

      kwpublish file save window
    1. Open an SFTP client to transfer the .kwpublish file to the appropriate level of the www collection.

Enter the following command(s) to use authenticated publication.

  1. Open a supported Telnet client; Tectia (Windows), Terminal (Mac).
  2. Connect to the User/Course Web server
    Host: unix.andrew.cmu.edu
    Userid or User Name: your Andrew userID
    Password: your Andrew password
  3. If applicable, remove publication permission for any individual by typing the following command at the root of your afs directory or project volume:

    fs sa www system:anyuser l

  4. Enter the following command to give the server read access to your www directory, but to prohibit Andrew users other than those listed in the .kwpublish file from reading the files:
    fs sa www service.webman rl

Follow these steps to use the authenticated publication service.

  1. Visit the UserWeb and CourseWeb KWPublish page.
  2. Select the appropriate radio button for Personal or Course web pages.
  3. Enter your userID or course number. If a section letter or other text is part of the course number you submitted in your request for a project volume, you must include it in the course number.
  4. Click Publish.
Note: You will not be able to use Publishing on www.andrew to publish your pages because your website now requires authenticated publication. If an unauthorized individual attempts to use the andrew.cmu.edu tool to publish your files, an error message appears similar to this: "We're sorry, but publishing is restricted for this website."