[cups.general] Conditional authentification based on LAN-IP?

Wed Sep 15 12:33:01 PDT 2010

So if I understand correctly, this will work:

<Location /printers/hp1300>
  Order Allow, Deny
  AuthType Basic
  Satisfy Any
  Allow From 192.168.0.*
  Allow From 192.168.2.*
  Allow From 192.168.3.*
</Location>

Someone in the above LAN's will not be asked to Authenticate... but someone from say 192.168.1.* will?

What happens if I add a 'Require group secretaries professors' in there.  Will the group restriction be enforced for those authenticating from the 192.168.1.* LAN? 

>>  AuthType Basic
>>  Allow From 192.168.1.*
>> </Location>
----- Original Message -----
From: "Michael Sweet" <msweet at apple.com>
To: "Brian Kroth" <bpkroth at gmail.com>, "Mirror of cups.general Newsgroup" <cups at easysw.com>
Cc: "Luc Lalonde" <luc.lalonde at polymtl.ca>
Sent: Wednesday, September 15, 2010 3:05:40 PM GMT -05:00 US/Canada Eastern
Subject: Re: [cups.general] Conditional authentification based on LAN-IP?

Yeah, as long as you don't have the issue of more than two zones the Satisfy Any approach will work.

(and it is like Apache on purpose... :)

On Sep 15, 2010, at 11:21 AM, Brian Kroth wrote:

> You probably want to use a "Satisfy Any" rule.  It's a lot like Apache.
> 
> http://www.cups.org/documentation.php/ref-cupsd-conf.html#Satisfy
> 
> Brian
> 
> Luc Lalonde <luc.lalonde at polymtl.ca> 2010-09-15 14:18:
>> Hello folks,
>> 
>> I'm wondering if it is possible to combine these two rules into one:
>> 
>> <Location /printers/hp1300>
>>  Order Allow, Deny
>>  Allow From 192.168.0.*
>> </Location>
>> 
>> <Location /printers/hp1300_dmz>
>>  Order Allow, Deny
>>  AuthType Basic
>>  Allow From 192.168.1.*
>> </Location>
>> 
>> Basically, these two point to the same printer.  However, I want people to be able to use the printers without having to authenticate if they are on the 192.168.0.* LAN but force authentification on the wireless-dmz LAN (192.168.1.*).
>> 
>> Thanks!
>> 
>>