Thanks Larry. The desired behavior I'm wanting is for the web browser to ask for credentials under `basic authentication' in rfc2617. The installed settings handles a http `GET' request with credentials as expected. Without credentials, rather than doing [x] it does [y].
Originally, had I needed, I had in mind to strip DSpace naked (ie. without authentication) and as a temporary fix use `iptables(8)' to control access based on IP. But really, whether the browser or the page prompts for credentials is a cosmetic issue as long as the link is trusted. Best wishes, Van Ly vly at usyd dot edu dot au -- # [x] `401' points to the web browser's sign-on, expected behaviour by end-user 0.000478 num.num.num.103 -> num.num.num.56 HTTP GET / basicAuthTest/ HTTP/1.1 0.000523 num.num.num.56 -> num.num.num.103 TCP http > 54837 [ACK] Seq=1 Ack=576 Win=7040 Len=0 TSV=1837843610 TSER=1974179631 0.002128 num.num.num.56 -> num.num.num.103 HTTP HTTP/1.1 401 Authorization Required (text/html) -- # [y] unexpected behaviour 0.000550 num.num.num.103 -> num.num.num.4 HTTP GET /bitstream/num/ num/1/External.pdf HTTP/1.1 0.000634 num.num.num.4 -> num.num.num.103 TCP http > 54862 [ACK] Seq=1 Ack=601 Win=7040 Len=0 TSV=2843474683 TSER=1974184374 0.047864 num.num.num.4 -> num.num.num.103 HTTP HTTP/1.1 302 Moved Temporarily -- #[y'] `302' points to the DSpace sign-on num.num.num.103 - - [22/Sep/2009:17:04:12 +1000] "GET /bitstream/num/ num/1/External.pdf HTTP/1.1" 302 - num.num.num.103 - - [22/Sep/2009:17:04:12 +1000] "GET /password-login HTTP/1.1" 200 4743 On 11/09/2009, at 12:36 PM, Larry Stone wrote: > If you just want to deny all access based on the requestor's IP > address, that is best done in the web server or servlet container. > If you're using "naked" Tomcat, see the doc for > org.apache.catalina.valves.RemoteAddrValve. If you're using Apache > httpd it's very easy to configure, just see the server docs. > > -- Larry > > On Sep 10, 2009, at 9:50 PM, Van Ly wrote: > >> >> Hi, >> >> I may have a situation where one of the items in the list for >> `plugin.sequence.org.dspace.eperson.AuthenticationMethod' isn't >> behaving as expected. >> >> To work around, if I need to put up a firewall to restrict access >> based on ip-address and bypass the authentication mechanism entirely, >> what would be a way? >> >> Thanks in advance. >> >> Van Ly >> vly at usyd dot edu dot au >> >> >> >> >> >> --------------------------------------------------------------------- >> --------- >> Let Crystal Reports handle the reporting - Free Crystal Reports >> 2008 30-Day >> trial. Simplify your report design, integration and deployment - >> and focus on >> what you do best, core application coding. Discover what's new with >> Crystal Reports now. http://p.sf.net/sfu/bobj-july >> _______________________________________________ >> DSpace-tech mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/dspace-tech > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
