policy questions

Sebastian Haempel haempel at rz.uni-karlsruhe.de
Wed May 14 12:07:59 PDT 2008


I try to setup following scenario: A user can only print, when he is authenticated. For billing reason the authenticated user must be the same user as the "requesting-user-name".
My Problem: with "myPolicy" every random user with a random password can print, but only the authenticated owner of the job can delete his job from the queue. Did i forget some IPP-attributes? is this a configuration issue?
i didn't find the mistake ...

Using self compiled cups 1.3.7 (server) and kprinter (client).


<Policy myPolicy>
   <Limit Send-Document Send-URI Release-Job Hold-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job
 Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
    AuthType Basic
    Require user @OWNER @SYSTEM

  <Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-P
rinter Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Printer CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Job
s Suspend-Current-Job CUPS-Set-Default>
   AuthType Basic
   Require user @SYSTEM

  <Limit Cancel-Job CUPS-Authenticate-Job>
    AuthType Basic
    Require user @OWNER @SYSTEM

  <Limit All>

More information about the cups mailing list