Web Publishing—krb

Related Information

Columbia Website Authentication
Web Publishing—Affiliations
Web Publishing—non-Columbia User Authentication
Web Publishing—Using the Regular Server

If you choose to use the University Network IDs (UNIs), unix groups and/or affiliations in the lookup database for authentication for your files on the secure server, then you should enter the following line into your .htaccess file:

AuthKrbUserType krb

Here is an example of a .htaccess file that will allow access to anyone with a valid Columbia UNI:

AuthType Basic
AuthName "test"
AuthKrbUserType krb
Allow from all
Require valid-user

The next example limits access to Barnard College students plus one user with the UNI of zm4:

AuthType Basic
AuthName "test"
AuthKrbUserType krb
Satisfy any
Deny from all
Require group BCstudent
Require user zm4

The next example limits access to Barnard College students, the user with the UNI of zm4 and anyone in the unix group rad:

AuthType Basic
AuthName "test"
AuthKrbUserType krb
Satisfy any
Deny from all
Require group BCstudent CUNIX_rad
Require user zm4

There are many more affiliations that you can use just like BCstudent, or you can list each individual user in "require user." You must use the secure server for your protected directory. Be sure to provide your users with a log out as well.

If you have users without a Columbia affiliation, you will need to follow the directions for non-Columbia users.