ITS and UVa logos for printed output

MyGroups

Authorizing Website Access Examples

One of the ways you can use MyGroups is to authorize access to all or a portion of a website. NetBadge and .htaccess may be used to control and authorize group access to any website residing on the blue.unix.virginia.edu UNIX cluster, which includes www.virginia.edu and many departmental websites, as well as the ITSWeb server at www.itc.virginia.edu.

Your website must be hosted on the blue.unix.virginia.edu UNIX cluster or the ITSWeb server and you have created or are a member of a MyGroups group to use for authorizing access to your website.

Authorize Website Access to a Single MyGroups Group

Create a .htaccess file similar to the one below when you want to grant access to a single MyGroups group. Anyone whose UVa computing ID appears in the group listed in the require line will be authorized to access the website.

Sample .htaccess File 

AuthType NetBadge
PubcookieAppId "LDAP group test"
#
# Group authorization:
#
require ldap-group cn=DirectoryGroupsCDP,ou=Groups,o=University of Virginia,c=US
  1. The first line of your .htacess file should be identical to the line above: 
    AuthType NetBadge
  2. Insert the name of your application ID after PubcookieAppid. If your application ID contains spaces, as in the example above, enclose the ID in double quotes.
  3. The lines that begin with the pound sign (#) are comments that you may add to your .htaccess file to separate lines of code and add explanatory text.
  4. Insert the name of your MyGroups group in place of DirectoryGroupsCDP after cn= in the require line. All other fields in this line should remain identical to the example above.

Authorize Website Access to Multiple MyGroups Groups

Create a .htaccess file similar to the one below when you want to grant website access to the members of multiple MyGroups groups. Anyone whose UVa computing ID appears in at least one of the MyGroups groups listed in the require lines will be authorized to access the website.

Sample .htaccess File 

AuthType NetBadge
PubcookieAppId "LDAP group test"
#
# Group authorization:
#
require ldap-group cn=Tester,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=YetAnotherTestGroup,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=seas-ittest,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=mollytest,ou=Groups,o=University of Virginia,c=US
require ldap-group cn=hsl-proxy-users,ou=Groups,o=University of Virginia,c=US

  Page Updated: 2012-02-16

Standards & Policy

University of Virginia
Information Technology Services
2015 Ivy Road
P.O. Box 400324
Charlottesville, Virginia, 22904-4324 USA

UVa Help Desk: 434-924-HELP (434-924-4357) • 4help@virginia.edu

Page Updated: 2012-02-16; © 2012 by the Rector and Visitors of the University of Virginia.

The information contained on the University of Virginia’s Department of Information Technology Services (ITS) website is provided as a public service with the understanding that ITS makes no representations or warranties, either expressed or implied, concerning the accuracy, completeness, reliability or suitability of the information, including warrantees of title, non-infringement of copyright or patent rights of others. These pages are expected to represent the University of Virginia community and the State of Virginia in a professional manner in accordance with the University of Virginia’s Computing Policies.