Changing Content (Directory) Permissions
Read permissions determine who can read your collection or any sub-directories within your collection. Follow these steps to set Web Login read permissions for a specific collection.
Before you begin please note: This function replaces the previously used .htaccess file method for authentication control. If you used .htaccess you must remove the old .htaccess file from your folder. The Andrew Web Publishing system will reject all old "." files.
Follow these steps to use the Andrew Web Publishing system to set Read permissions:
- Login to the Andrew Web Publishing System.
- Select Administer this collection for the collection for which you want to change permission information. The Andrew Web Publishing System page is displayed.
- Under Permissions, click Content permissions.
- A screen similar to the following is displayed:
- In the Directory to restrict field, type the name of the directory you wish to restrict access to and click Add.
- For example, to restrict access to the directory http://www.cmu.edu/computing/documentation/outlook, type outlook in the Directory to restrict field.
- If you want to restrict access to the entire collection, type a forward slash character / to indicate the root directory for the collection.
Note: When adding directories, the system WILL NOT verify if a directory really exists. Therefore, you will need to type the name exactly as it appears on the server. Be sure to differentiate between capital and lower-case letters. Directories will appear in the order in which they were added; the order they're displayed on the permissions page is not important.
- Notice that now, in addition to access control options for the root of the collection, there are access options for the directory you specified (in this example, userid).
You have three access control options for each directory for which you added directory restriction:
- Anyone - no access control, imposes no restriction on the directory. This is the default collection access allowing your collection to be read by anyone who navigates to your url. If you set this option, the directory is removed from the access control list. Use this option to remove restrictions that were previously set.
- Any Andrew User restricts directory access to any logged-in Andrew user denying access to those who do not have an Andrew account.
- A list of specific users restricts directory access to only those Andrew or Qatar userIDs specified in the Add user's Andrew UserID to access list field. UserIDs not listed are denied access to the directory.
Note: This page only accepts Andrew and Qatar userIDs and not real names and; will verify all userIDs for you.
Access Control Tips
- If you change the access control type for a particular directory, you will need to publish the collection in order for the change to take effect.
- If you add access controls for a directory that does not exist in staging, future publishes will fail. Either remove the access controls, or create an empty directory in the staging server before publishing.
- You may add access restrictions to a directory before creating the actual directory. This way, you can ensure that new content has the appropriate restrictions.
- If you toggle between the Any Andrew user and the Specific Andrew users options, the user list that you specify will be maintained.
- When using the Any Andrew user option, users from the ECE and CS domains will also be allowed access.
To remove restriction for an entire directory: select Anyone - no access control for that directory and click Change Access Control.
To remove access permission for a specific user: click Remove next to the userID under the Add user's Andrew UserID to access list option.