Google+
ITS and UVa logos for printed output

MyGroups

Authorizing Website Access Examples

One of the ways you can use MyGroups is to authorize access to all or a portion of a website. NetBadge and .htaccess may be used to control and authorize group access to any website residing on a UNIX host (including any of the ITS UNIX Web clusters and many UVa departmental websites).

Your website must be hosted on any of the ITS UNIX Web clusters and you have created or are a member of a MyGroups group to use for authorizing access to your website.

Authorize Website Access to a Single MyGroups Group

Create a .htaccess file similar to the one below when you want to grant access to a single MyGroups group. Anyone whose UVa computing ID appears in the group listed in the require line will be authorized to access the website.

Sample .htaccess File

AuthType NetBadge
PubcookieAppId "LDAP group test"
#
# Group authorization:
#
require ldap-group cn=DirectoryGroupsCDP,ou=Groups,o=University of Virginia,c=US
  1. The first line of your .htacess file should be identical to the line above:
    AuthType NetBadge
  2. Insert the name of your application ID after PubcookieAppid. If your application ID contains spaces, as in the example above, enclose the ID in double quotes.
  3. The lines that begin with the pound sign (#) are comments that you may add to your .htaccess file to separate lines of code and add explanatory text.
  4. Insert the name of your MyGroups group in place of DirectoryGroupsCDP after cn= in the require line. All other fields in this line should remain identical to the example above.

Authorize Website Access to Multiple MyGroups Groups

Create a .htaccess file similar to the one below when you want to grant website access to the members of multiple MyGroups groups. Anyone whose UVa computing ID appears in at least one of the MyGroups groups listed in the require lines will be authorized to access the website.

Sample .htaccess File

AuthType NetBadge
PubcookieAppId "LDAP group test"
#
# Group authorization:
#
require ldap-group cn=Tester,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=YetAnotherTestGroup,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=seas-ittest,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=mollytest,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=hsl-proxy-users,ou=Groups,o=University of Virginia,c=US

  Page Updated: 2013-08-20