[cups.general] JobPrivateAccess and JobPrivateValues directives

Michael Sweet msweet at apple.com
Tue Nov 6 10:26:14 PST 2012


On 2012-11-02, at 1:17 PM, Alex Korobkin <korobkin+cups at gmail.com> wrote:
> Hi all, 
> I cannot seem to understand how the JobPrivateAccess and JobPrivateValues directives actually work. My CUPS 1.5.4 Linux server authenticates users against LDAP, and I want it to hide print job names, displaying it only to job owners and cups-admins. 
> My cupsd.conf has single policy, "default". Here is the what I specify in the policy:
> <Policy default>
>   JobPrivateAccess @OWNER @cups-admins
>   JobPrivateValues job-name
> However, job-name is displayed as Unknown (why not Withheld, btw?) to anyone, from anonymous to authenticated ones. I even modified page template and added this stance to be able to see how I'm authenticated to CUPS. 
> <TD>{remote_user=?:You are authenticated as <strong>{remote_user}</strong></TD>

"Unknown" is the placeholder text added by the jobs.tmpl file and the command-line utilities (wherever they report the job-name value...)

> It correctly shows my username, but never shows me any job names: neither my own ones, nor of everyone else. 
> I tried multiple variations of JobPrivateAccess directive, including just "JobPrivateAccess my_username" and "JobPrivateAccess default", but I never see a difference between authenticated and non-authenticated users. 

Can you provide logs (email direct to me if you like) showing the results from cupsdAuthorize? It looks like the web access is not authenticated.

Also, what Linux distribution are you using?

Michael Sweet, Senior Printing System Engineer, PWG Chair

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cups.org/pipermail/cups/attachments/20121106/b3541976/attachment-0001.html>

More information about the cups mailing list