TclHttpd supports access control at two levels.
The most general support is through an access control
procedure, or filter, that is run before each URL
is processed. These filters are registered with the
Url_AccessInstall procedure. See the lib/url.tcl file
for more details about access control filters.
The DocAccessHook procedure provides support for
Apache-style .htaccess files. This is enabled by
default. Here is an explanation
of .htaccess files by Piet Vloet.
Another feature implemented by DocAccessHook is support
for .tclaccess files. These files are short Tcl scripts
that define two variables: "realm" and "callback".
The browser will display the realm string in the password
prompt. The server will invoke the procedure named by
the callback variable to check the password.
Examples using .tclaccess files
-
The first example uses a .tclaccess file in the directory that
specifies a Tcl procedure to run to check the password. Try "tclhttpd" and "I love Tcl",
then check out MyPasswordChecker to
see how easy this can be.
-
Funky auto-login mechanism This uses the AuthNullCallback procedure that
forces you to try to login twice, and then remembers that password until the server restarts.
I'm not sure how useful this really is.
Examples using .htaccess files
To be able to run the examples you have to create the files
/usr/local/htaccess/passwd and /usr/local/htaccess/group.
Samples can be found in the htaccess subdirectory
of the distribution.
The password for a user is identical to its username.
-
Deny access to a host This is a .htaccess example that
denies access to noawe.sun.com.
-
Webmaster Access is allowed to anyone in the group webmaster.
-
Tcl97 It only allows the user tcl97.
-
Multiple Example with multiple "require group" and/or
"require user" entries in a .htaccess file.