[cups.general] Conditional authentification based on LAN-IP?
Luc Lalonde
luc.lalonde at polymtl.ca
Wed Sep 15 12:33:01 PDT 2010
So if I understand correctly, this will work:
<Location /printers/hp1300>
Order Allow, Deny
AuthType Basic
Satisfy Any
Allow From 192.168.0.*
Allow From 192.168.2.*
Allow From 192.168.3.*
</Location>
Someone in the above LAN's will not be asked to Authenticate... but someone from say 192.168.1.* will?
What happens if I add a 'Require group secretaries professors' in there. Will the group restriction be enforced for those authenticating from the 192.168.1.* LAN?
>> AuthType Basic
>> Allow From 192.168.1.*
>> </Location>
----- Original Message -----
From: "Michael Sweet" <msweet at apple.com>
To: "Brian Kroth" <bpkroth at gmail.com>, "Mirror of cups.general Newsgroup" <cups at easysw.com>
Cc: "Luc Lalonde" <luc.lalonde at polymtl.ca>
Sent: Wednesday, September 15, 2010 3:05:40 PM GMT -05:00 US/Canada Eastern
Subject: Re: [cups.general] Conditional authentification based on LAN-IP?
Yeah, as long as you don't have the issue of more than two zones the Satisfy Any approach will work.
(and it is like Apache on purpose... :)
On Sep 15, 2010, at 11:21 AM, Brian Kroth wrote:
> You probably want to use a "Satisfy Any" rule. It's a lot like Apache.
>
> http://www.cups.org/documentation.php/ref-cupsd-conf.html#Satisfy
>
> Brian
>
> Luc Lalonde <luc.lalonde at polymtl.ca> 2010-09-15 14:18:
>> Hello folks,
>>
>> I'm wondering if it is possible to combine these two rules into one:
>>
>> <Location /printers/hp1300>
>> Order Allow, Deny
>> Allow From 192.168.0.*
>> </Location>
>>
>> <Location /printers/hp1300_dmz>
>> Order Allow, Deny
>> AuthType Basic
>> Allow From 192.168.1.*
>> </Location>
>>
>> Basically, these two point to the same printer. However, I want people to be able to use the printers without having to authenticate if they are on the 192.168.0.* LAN but force authentification on the wireless-dmz LAN (192.168.1.*).
>>
>> Thanks!
>>
>>
More information about the cups
mailing list