Beginner's problem with authentication policyin 1.3.0
John A. Murdie
john at cs.york.ac.uk
Wed Sep 26 08:07:49 PDT 2007
> John A. Murdie wrote:
>
> > I would hope at least to be able to lock out the untrusted clients (on
> > a separate subnet from the trusted clients) if they cannot authenticate
> > by the required means. Unfortunately, I have been unable to do this. I
> > have in cupsd.conf an initial Location directive:
> >
> > <Location />
> > Order allow,deny
> > Allow from trusted/255.255.254.0
> > Allow from unstrusted/255.255.254.0
>
> Are you sure you don't mean
>
> Deny from unstrusted/255.255.254.0
>
> ? *Deny* ?
>
> --
> Kurt Pfeifle
(Sorry for my very slow reply, Kurt; very busy with various things here.)
Yes, I do mean "Allow from untrusted" rather than "Deny from untrusted"; I want to allow these unstrusted clients in, but force them to authenticate themselves. As http://www.cups.org/documentation.php/policies.html says: "operation policies can only add additional security restrictions to a request, never relax them".
(I tried "Deny from untrusted ..." and it did what it was supposed to.)
John A. Murdie
More information about the cups
mailing list