Access to personal web sites on www.dartmouth.edu can be restricted using an .htaccess file with the appropriate mod_auth_cas directives. The restrictions will apply to the directory and everything below it. Example:
~jdoe/public_html/.htaccess # applies to the entire web site
~jdoe/public_html/secret_stuff/.htaccess # only applies to the secret_stuff directory and below.
The .htaccess file must contain two or more of the following directives:
- AuthType CAS This directive is required
- require valid-user – Allows any valid CAS user to access the resource
- require user – Allows a specific user to access to the resource
- require cas-attribute – Allows access to the resource based on CAS attributes of the user
- netid– A specific useridentified by NetID will have access to the resource
- ex: require cas-attribute netid:d12345z
- name – Allow access based on REGEX match on the user's name
- ex: require cas-attribute name~^.*Doe$ # Only people who's name ends with 'Doe'
- affil – Allow access based on REGEX match on the user's affiliation (ex: ALUMNI, DART)
- ex: require cas-attribute affil~^(?!ALUMNI).*$ # Only people that are not ALUMNI
- uid – Allow access based on the user's UID
- ex: require cas-attribute uid:135790864 # Only user with the specified UID
- did – Allow access based on the user's DartID
- ex: require cas-attribute did:HD64210H # only the user with the specified DartID
You can use combinations of multiple directives in the file.
Here are some example .htaccess files:
-
allow anyone with a valid Dartmouth credential:
AuthType CAS
require valid-user
-
allow access only to your account by name:
AuthType CAS
require user "Yourfirstname Yourlastname@DARTMOUTH.EDU"
-
Allow access to multiple users by NetID:
AuthType CAS
require cas-attribute netid:d12344g
require cas-attribute netid:f98787b