Table of Contents

OIL2 Class Standard.URLprotectedFile


class Standard . URLprotectedFile {
        int32   createdLoaderObj;
        oid     dirObj;
        string  nonceValue;
        string  realmName;
        assoc   userPassword;
        int32   usingDigestMode;
        string  www_authentication;
} inherits from Object;

DESCRIPTION

The URLprotectedFile provides a set of services that perform access control to a section of the document tree exported by a web site. Both "Basic" and "Digest" modes, as specified by RFC 2617, are supported. A URLprotectedFile object is normally created by instances of the convenience class HTTPprotectedDirectory.

METHODS


Standard.URLprotectedFile:initialize

URLprotectedFile:initialize(any urlDirectory, string dirName, any loaderClassNameOrObject, string realm, string userName, string password)

Method Description

See the description of HTTPprotectedDirectory:create. The urlDir is the object Id of the associated URLdirectory object. It is normally specified as an object Id, but can be passed as the HTTP server name associated with the URLdirectory object. An object allomorphic to class URLfileLoader is created to be responsible for the protected section of the tree and configured to create cached objects of class HTTPcachedFile. By default, "Basic" authentication is used; "digest" mode is selected by specifying realm as "digest".


Standard.URLprotectedFile:addUser

URLprotectedFile:addUser(string user, string password, string permittedCmd)

Method Description

The addUser method enables a new user authorization to be dynamically added to a currently operational site. The user and password arguments are mandatory. If no additional arguments are provided, then GET and HEAD requests are permitted by default. If any permittedCmd are specified, then only the specified commands are permitted. Thus it is possible to permit commands such as DELETE and PUT while disabling commands such as GET and HEAD.

Return Value

If fromObject is not nil, then zero is returned.


Standard.URLprotectedFile:removeUser

URLprotectedFile:removeUser(string user)

Method Description

The removeUser method enables a user authorization to be dynamically removed from a currently operational site.

Return Value

If fromObject is not nil, then a Boolean value indicating the success of the operation is returned.


Standard.URLprotectedFile:loadPasswordFile

URLprotectedFile:loadPasswordFile(string fileName)

Method Description

A password database file can be loaded using loadPasswordFile. It is read by a ParseParameterFile object. Passwords are placed in a "passwords" section. Each entry is of the format:

userName password [permittedMethod ...]
The special user name "anonymous" provides permissions for unidentified users; the password should be specified as "-".
SECTION passwords
anonymous "-" GET HEAD OPTIONS PROPFIND
user1 pw1 PUT DELETE GET HEAD POST OPTIONS PROPFIND PROPPATCH MOVE COPY MKCOL LOCK UNLOCK

Return Value

If successful, zero is returned; otherwise an error is indicated by a return value of -1.


Standard.URLprotectedFile:dumpToFile

URLprotectedFile:dumpToFile(any file)

Method Description

The current contents of the password database can be dumped to a file or an existing object that is allomorphic IOobject. If the file argument is a file name, the indicated file is opened for writing. If file is an object Id, the indicated object is send the data using a single writeVectorOfBytes message.

Return Value

If fromObject is not nil, an indication of the success of the operation is returned. An error is indicated by a value of -1; otherwise a count of the number of user records written is returned.


Standard.URLprotectedFile:validateAccess

URLprotectedFile:validateAccess(any data, string HTTPcommand, any opaqueCheckValue)

Method Description

Validates access to a URI based on the contents of an HTTP "Authorization" header and returns a two-element array indicating:

0
a Boolean value indicating success (0 = no access permited)
1
WWW-Authenticate header line(s) and
Both "Basic" and "Digest" authentication modes are detected and handled using validateBasicAccess and validateDigestAccess, respectively.


Standard.URLprotectedFile:validateBasicAccess

URLprotectedFile:validateBasicAccess(string data, string HTTPcommand)

Method Description

Returns a Boolean value indicating whether or not a user is permitted to access this section of the document tree. The current implementation only handles the Basic HTTP authentication type. The data passed as an argument should be obtained from the "authorization" option specified in the HTTP request's MIME header. This method is not normally used directly in preference to validateAccess.


Standard.URLprotectedFile:validateDigestAccess

URLprotectedFile:validateDigestAccess(string data, string HTTPcommand, any opaqueCheckValue)

Method Description

Validates access to a URI based on the contents of an HTTP "Authorization" header and returns a two-element array indicating:

0
a Boolean value indicating success (0 = no access permited)
1
WWW-Authenticate header line(s) and
The data passed as an argument should be obtained from the "authorization" option specified in the HTTP request's MIME header. The optional argument opaqueCheckValue can be used to require an additional validation parameter. The use of this parameter invariably results in the user being prompted for verification of her credentials on a per-request basis, so it should only be used in special cases. This method is not normally used directly in preference to validateAccess.


Generated: Wed, 14 Mar 2012 02:52:23 EDT
Support Information