Policy with multiple cases for different clients
voravit
voravit at kth.se
Thu Jan 24 08:16:20 PST 2008
Well, I actually want to allow one network to print and other networks need to be authenticated first. This should be possible if I use the following configuration, right?
<Limit All>
Order allow,deny
Allow from 192.168.0.0/24
Require user test #or Require valid-user
Satisfy any
</Limit>
However, it didn't work for me. My clients were never authenticated (never been prompt for username/password). I can see in the log saying "No authentication data provided". How do I force CUPS to prompt for authentication?
And for the require syntax, how does it really work? it doesn't seem to check against system user. For valid-user it lets anyone print. But for a fixed user (i.e. test) it just check the user on client machine who send the print-job but never really check against the system users on the print server.
Could you please let me know how can I set up a CUPS print server to authenticate against system user properly?
Thank you very much,
Best regards,
Voravit T.
> voravit wrote:
> > Hi,
> >
> > I would like to set up CUPS policy to have different rules for different machines from different networks. Does anyone have any suggestion?
>
> In general, this is not possible. As I mentioned in a recent posting on
> this subject, the "Satisfy any" directive can be used to allow
> unauthenticated access from specific addresses while others need to be
> authenticated.
>
> However, there is no way to say "for 10.0.0.1, use Basic authentication
> and require membership in group foo, while for 10.0.0.2 use Kerberos and
> require membership in group bar".
>
> --
> ______________________________________________________________________
> Michael R Sweet Senior Printing System Engineer
>
More information about the cups
mailing list