[cups.general] Confusion about configuring network access to the webinterface
Marcos Otero Garcia
marcos at oterogarcia.de
Tue Jun 29 06:08:07 PDT 2004
Hello,
I'm new to this list and I've got questions concerning the
authentication options in the <Location> directive in the cupsd.conf.
I'm running a debian woody on an x86. Here is a snapshot of the related
package-versions.
> litho:~# apt-show-versions | grep cups
> libcupsys2-dev/stable uptodate 1.1.14-5
> cupsys-pstoraster/stable uptodate 1.1.14-5
> cupsys-driver-gimpprint/stable uptodate 4.2.0-4
> cupsys-client/stable uptodate 1.1.14-5
> libcupsys2/stable uptodate 1.1.14-5
> cupsys/stable uptodate 1.1.14-5
> cupsys-bsd/stable uptodate 1.1.14-5
The Software Administrators Manual available at cups.org explains the
the <Location> directive as follows:
> Note that more specific resources override the less specific ones.
> So the directives inside the /printers/name location will override
> ones from /printers. Directives inside /printers will override
> ones from /. None of the directives are inherited.
Does this realy mean that the ACLs and authentication methods specified
in /printers/XYZ overide the ones in /printers or /?
I've experienced a different behaviour. If I strength the access control
in / it applies to /printers/ and /printers/XYZ too. But if I apply
softer rules to /printers/XYZ than to /printers or / it seems like they
are not recognized by the daemon.
E.g.:
> <Location />
> AuthType Basic
> AuthClass User
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> Allow From XXX.XXX.XXX.XXX
> </Location>
> <Location /printers>
> AuthType None
> AuthClass Anonymous
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> Allow From XXX.XXX.XXX.XXX
> </Location>
In this case the /printers section performs equal access control like in
/ instead of behaving like specified in the <Location /printers> directive.
My aim is too require authentication on the webinterface but printing
(i.e. /printers or /printers/XYZ) should be allowed without user
authentication (only host-based access control).
Does anyone can make things clear to me.
Thanks in advance.
Marcos from Hamburg
More information about the cups
mailing list