Department of Engineering
Protecting WWW directories with PINs or RAVEN (CUED only)
All CUED users have a PIN (Personal Identity Number), and
CUED has a facility called CWA that lets access to WWW pages be PIN-protected. It's not
available on all our web servers, but it works on www.eng.cam.ac.uk, www-h.eng.cam.ac.uk and www-g.eng.cam.ac.uk. The following examples
show common ways to use it.
Example 1 - How to PIN-protect a folder
The following needs to be put into a file (readable by all) called .htaccess in
the folder that requires protection. Don't add any HTML tags, just change
the wording on the CWADescription line.
#
AuthType cued-webauth
# The following should be a useful description of the resource,
# since it will be displayed as: 'You need to log in to use ....'
#
CWADescription "the local source database. Mail tpl@eng if there are problems."
require valid-user
Note that the UID of the user is available to PHP scripts as $REMOTE_USER.
Example 2 - How to PIN-protect a folder for remote users only
The following needs to be put into a file (readable by all) called .htaccess in
the folder that requires protection. Don't add any HTML tags, just change
the list of users, the wording on the CWADescription line, and
perhaps the domain line.
######
# This .htaccess file will allow a user to access a resource without
# any authentication, if the user is within a specified network e.g.
# eng.cam.ac.uk. If they are not, it will cause them to be prompted
# for a PIN.
######
# First, we set the 'location' restriction. Alter the third line to
# adjust the restriction
Order deny,allow
Deny from all
allow from .eng.cam.ac.uk
# Give a useful description of the resource. It will be
# displayed as: 'You need to log in to use ....'
CWADescription "the web page"
# Enter the userids for allowed users, separated by spaces. They
# should be all on a single line.
require user abc123 xyz999
#####
# Don't alter anything below this line
#####
AuthType cued-webauth
# This is the bit that says "eng.cam.ac.uk OR CWA login". Otherwise both would
# be required.
Satisfy any
# EOF
Support for Raven (the university-wide WWW password mechanism) is still under
development. If in your .htaccess file you have a line like
CWAAuthClass pi
change it to
CWAAuthClass rav
If you don't have the original line (it sets PIN authentication, which is the default behaviour anyway), add the new line. Users should
then get a form that will let them either use a PIN or use Raven.
Note however that
- it isn't possible to limit the access to specific users or years
- it may open the pages to non-CUED members with valid Raven passwords
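A check for the points above, as an added example (not CUED's own tooling): a shell function that lints a .htaccess file against the conditions this page states for Examples 1 and 2 and the Raven caveats. The function names and messages are assumptions of the example, and the sample file is constructed from Example 2 with the Raven line added.

```shell
#!/bin/sh
# Added example: lint a CWA .htaccess against the points made on this page.
# Prints findings; returns 0 when there are no ERROR findings.

# True if a non-comment line of FILE ($1) starts with directive regex ($2).
has_directive() {
    grep -v '^[[:space:]]*#' "$1" | grep -Eiq "^[[:space:]]*$2"
}

check_cwa_htaccess() {
    f=$1; rc=0
    [ -f "$f" ] || { echo "ERROR: $f not found"; return 2; }
    # The page requires the file to be readable by all.
    [ -n "$(find "$f" -prune -perm -004 -print)" ] ||
        { echo "ERROR: not readable by all"; rc=1; }
    has_directive "$f" 'AuthType[[:space:]]+cued-webauth' ||
        { echo "ERROR: missing AuthType cued-webauth"; rc=1; }
    has_directive "$f" 'require[[:space:]]+(valid-user|user[[:space:]]+[^[:space:]])' ||
        { echo "ERROR: no 'require valid-user' or 'require user ...' line"; rc=1; }
    has_directive "$f" 'CWADescription[[:space:]]' ||
        echo "WARN: no CWADescription line for the login prompt"
    # Without 'Satisfy any', the host rule and the login are both required.
    if has_directive "$f" 'allow[[:space:]]+from' &&
       ! has_directive "$f" 'Satisfy[[:space:]]+any'; then
        echo "WARN: 'allow from' without 'Satisfy any': host match AND login needed"
    fi
    # Raven caveats listed at the end of the page.
    if has_directive "$f" 'CWAAuthClass[[:space:]]+rav'; then
        echo "WARN: Raven enabled: non-CUED Raven users may get access"
        if has_directive "$f" 'require[[:space:]]+user[[:space:]]'; then
            echo "WARN: 'require user' list cannot limit access under Raven"
        fi
    fi
    return $rc
}

# Constructed sample: Example 2 from this page with Raven switched on.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' 'Order deny,allow' 'Deny from all' 'allow from .eng.cam.ac.uk' \
        'CWADescription "the web page"' 'require user abc123 xyz999' \
        'AuthType cued-webauth' 'CWAAuthClass rav' 'Satisfy any' > "$d/.htaccess"
    chmod 644 "$d/.htaccess"
    check_cwa_htaccess "$d/.htaccess" && st=0 || st=$?
    rm -rf "$d"
    return $st
}
demo
```

The constructed sample passes with two warnings, both for the Raven caveats; a file with the AuthType line commented out or with permissions such as 600 is reported as an error.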