Generated: Mon, 27 Jul 2020 18:57:17 EDT
class Standard . URLprotectedFile {int32 createdLoaderObj;oid dirObj;string nonceValue;string realmName;assoc userPassword;int32 usingDigestMode;string www_authentication;} inherits from Object;
The URLprotectedFile provides a set of services that perform access control to a section of the document tree exported by a web site. Both "Basic" and "Digest" modes, as specified by RFC 2617, are supported. A URLprotectedFile object is normally created by instances of the convenience class HTTPprotectedDirectory.
URLprotectedFile:initialize(any urlDirectory, string dirName, any loaderClassNameOrObject, string realm, string userName, string password)
See the description of HTTPprotectedDirectory:create. The urlDir is the object Id of the associated URLdirectory object. It is normally specified as an object Id, but can be passed as the HTTP server name associated with the URLdirectory object. An object allomorphic to class URLfileLoader is created to be responsible for the protected section of the tree and configured to create cached objects of class HTTPcachedFile. By default, "Basic" authentication is used; "digest" mode is selected by specifying realm as "digest".
URLprotectedFile:addUser(string user, string password, string permittedCmd)
The addUser method enables a new user authorization to be dynamically added to a currently operational site. The user and password arguments are mandatory. If no additional arguments are provided, then GET and HEAD requests are permitted by default. If any permittedCmd are specified, then only the specified commands are permitted. Thus it is possible to permit commands such as DELETE and PUT while disabling commands such as GET and HEAD.
URLprotectedFile:removeUser(string user)
The removeUser method enables a user authorization to be dynamically removed from a currently operational site.
URLprotectedFile:loadPasswordFile(string fileName)
A password database file can be loaded using loadPasswordFile. It is read by a ParseParameterFile object. Passwords are placed in a "passwords" section. Each entry is of the format:
userName password [permittedMethod ...]The special user name "anonymous" provides permissions for unidentified users; the password should be specified as "-".
SECTION passwords anonymous "-" GET HEAD OPTIONS PROPFIND user1 pw1 PUT DELETE GET HEAD POST OPTIONS PROPFIND PROPPATCH MOVE COPY MKCOL LOCK UNLOCK
URLprotectedFile:dumpToFile(any file)
The current contents of the password database can be dumped to a file or an existing object that is allomorphic IOobject. If the file argument is a file name, the indicated file is opened for writing. If file is an object Id, the indicated object is send the data using a single writeVectorOfBytes message.
URLprotectedFile:validateAccess(any data, string HTTPcommand, any opaqueCheckValue)
Validates access to a URI based on the contents of an HTTP "Authorization" header and returns a two-element array indicating:
URLprotectedFile:validateBasicAccess(string data, string HTTPcommand)
Returns a Boolean value indicating whether or not a user is permitted to access this section of the document tree. The current implementation only handles the Basic HTTP authentication type. The data passed as an argument should be obtained from the "authorization" option specified in the HTTP request's MIME header. This method is not normally used directly in preference to validateAccess.
URLprotectedFile:validateDigestAccess(string data, string HTTPcommand, any opaqueCheckValue)
Validates access to a URI based on the contents of an HTTP "Authorization" header and returns a two-element array indicating: