We are using an MVC framework to develop PHP applications. We have
Apache handling requests via the PHP module, Cosign for
authentication, and .htaccess for authorization.
Up to a few months ago, we developed/deployed our applications with
Zope, which handled both authentication and authorization internally
-- so this is new territory for us all around.
One of our apps has 4 views, to be made accessible to 4 separate
groups of people. The developer integrated all the interfaces behind a
single controller, which makes complete sense from a development
standpoint, but now I can't figure out how to restrict access to the
views.
Accessing http://fakey.site.edu/student gets you the student.php file
which points to the index.php controller. Attempts to restrict /
student or /student.php with either <Directory> or <Location> are
ignored (which makes sense, since these are neither directories nor
locations). What do I need here?
My hack was to copy his code into 4 separate directories and eliminate
key pieces in each one so that I can restrict by actual directory. But
this is really hacky and not maintainable.
Many thanks for any help you can give!
--
Chris Africa
Web Project Manager
Department of Mechanical Engineering
University of Michigan
734-764-8482
Fridays: 734-730-6221
AIM/iChat/Skype ID: baiewola
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
