From: Geoff on
Hello

I would like website users to be able to have access to the files in
any combination of folders.

Say there are 20 folders, each with different files in them. User A
needs access to files in folders 1, 2 and 3, user B access to files in
folders 7, 10, 15 and 20 and so on.

Now I know I can have a .htaccess file in each folder but that would
mean giving user A three different user name and password
combinations, user B four different combinations.

Is there a better way?!

Cheers

Geoff
From: Marious Barrier on
On 06/10/2010 06:54 PM, Geoff wrote:
> Hello
>
> I would like website users to be able to have access to the files in
> any combination of folders.
>
> Say there are 20 folders, each with different files in them. User A
> needs access to files in folders 1, 2 and 3, user B access to files in
> folders 7, 10, 15 and 20 and so on.
>
> Now I know I can have a .htaccess file in each folder but that would
> mean giving user A three different user name and password
> combinations, user B four different combinations.
>
> Is there a better way?!
>
> Cheers
>
> Geoff

I would handle everything through PHP.
From: Ben Morrow on
[f'ups set to c.l.perl.misc]

Quoth Geoff <geoff(a)invalid.invalid>:
>
> I would like website users to be able to have access to the files in
> any combination of folders.
>
> Say there are 20 folders, each with different files in them. User A
> needs access to files in folders 1, 2 and 3, user B access to files in
> folders 7, 10, 15 and 20 and so on.
>
> Now I know I can have a .htaccess file in each folder but that would
> mean giving user A three different user name and password
> combinations, user B four different combinations.

Why?

> Is there a better way?!

Yes, there are many. If you are talking about .htaccess files, then that
is part of your webserver's configuration; you will need to read your
webserver's documentation (or ask in a relevant group) to find out what
your options are.

If you would like to write a CGI (or some other form of server-side
program) in Perl to do the access checks, that isn't terribly hard; try
until you get stuck and then post the results and someone might help
you.

(If your inclusion of c.l.j indicates you're even considering doing this
entirely client-side, please think again.)

Ben

From: Martijn Lievaart on
On Thu, 10 Jun 2010 23:54:58 +0100, Geoff wrote:

>
> Now I know I can have a .htaccess file in each folder but that would
> mean giving user A three different user name and password combinations,
> user B four different combinations.
>

No, it doesn't. Use one htpasswd file and use the .htaccess per directory
to control who has access to that directory. It's really simple, no perl
or php needed. And access control using javascript is always a BAAAD
idea, it is always easily circumvented.

M4
From: Geoff on
On Fri, 11 Jun 2010 07:53:28 +0200, Martijn Lievaart
<m(a)rtij.nl.invlalid> wrote:

>On Thu, 10 Jun 2010 23:54:58 +0100, Geoff wrote:
>
>>
>> Now I know I can have a .htaccess file in each folder but that would
>> mean giving user A three different user name and password combinations,
>> user B four different combinations.
>>
>
>No, it doesn't. Use one htpasswd file and use the .htaccess per directory
>to control who has access to that directory. It's really simple, no perl
>or php needed. And access control using javascript is always a BAAAD
>idea, it is always easily circumvented.

Thanks Martijn,

Do you mean using require user A for example in following .htaccess?

AuthUserFile /usr/local/you/safedir/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require user A


For both A and B is the line

require user A, B

or something different?

Cheers

Geoff










>
>M4