Restrict access to files

Hi,
i'm trying to restrict acccess to all the files ending with ~ in my server , i couldn't do it. I try to deny access for files ending with ~. I have sun one webserver 6.1 sp1 in a sunfire solaris 9 machine. i tryed to do what is written in the documentation using the wildcard *.*~ and deny all order but this close all the server not only the ~ files. i don't know what happen why the server can't understand.
May be is imposible to restrict files in all the server?
thanks!

meena.vyas and jyri, please note that the uri parameter specifies a wildcard pattern. As stated in the the Using Wildcard Patterns section of the NSAPI Programmer's Guide at http://docs.sun.com/source/817-6252/npgwldcrd.html, ~ is a special character in wildcard patterns. As such, your examples will not work.
ylapin, the following should do what you want:<Client uri="*\\~">
PathCheck fn="deny-existence"
</Client>You can add the above immediately below the <Object name="default"> line in the obj.conf configuration file.

Similar Messages

Again question about restricting access to files through URL?

I found many topics about this, but every time it is some special case.
I want to ask it simple. How can I restrict access to some files in my application through entering URL in Browser, no matter if I am logged or not.
For example I have included JSP files with jspf extension. I don't want to access them through url. How can I do this?

May be it will work, but it seems somehow workaround decision - one half of jsp files in one place and another part in other place.
Message was edited by:
cheltsov

Restrict access to files with JAAS

Hi,
I would like to restrict access based on a JAAS-autenticated user to a file named
c:/foo.txt. I have written some code that checks if the autenticeted user has
access to the file, but how and where do I grant the user access with JAAS in
WebLogic Server 6.
FilePermission filePerm = new FilePermission("c:/foo.txt", "read");
java.security.AccessController.checkPermission(filePerm);
thanks
/Chriz

meena.vyas and jyri, please note that the uri parameter specifies a wildcard pattern. As stated in the the Using Wildcard Patterns section of the NSAPI Programmer's Guide at http://docs.sun.com/source/817-6252/npgwldcrd.html, ~ is a special character in wildcard patterns. As such, your examples will not work.
ylapin, the following should do what you want:<Client uri="*\\~">
PathCheck fn="deny-existence"
</Client>You can add the above immediately below the <Object name="default"> line in the obj.conf configuration file.

Restricted access Simple File Deployment

Hello,
I have installed CPS on tomcat on a Windows testing box. I've
configured it and Contribute to use a stagging server.
Everything is working great. However, on the web page for the
Simple File Deployment service (
http://<server:<port>/.../customservices/filedeployer/>
for testing purposes I'm not using SSL - is that required?) anyone
can access this page. Well I want to limit that to only a few.
Right now I'm using the File-bases authentication model.
Reading the contribute publishing services manual I read:
"When you extend this service, consider adding the following
functionality:
• Authentication and permissions
You can add authentication functionality to limit access to
the service.
Tip: Macromedia strongly recommends that you add
authentication. To do so, you can simply
copy the settings file and save it as a separate service in a
subfolder for each website, or you can
write you own security interface to handle multiple
websites."
I'm confushed by this. 1) what settings file? I have two
types of settings.xml files (one for determing live and staging
servers and another that has info for webservers, approvals and
etc.) but they dont have any authenticaion info for CPS server.
2) what folders on what server is the above statement
refering to?
Thank you very much.

I believe you need ColdFusion for Simple File Deployment and
the other options you mention - VERY expensive. For publishing, use
RoboCopy - it's free.

Can't access shared files

I have set up a shared folder in OS X 10.6 server for my workgroup. This folder is on the second hard drive (non-boot) of a two-drive Mac Mini server. When I log in I can see all the files, but whenever anyone else in the group logs in, they do not have permission. I setup permission for this shared point in server admin so that all members of the group have read and write permission. I verified this for each member using the Effective Permissions Inspector.
Suggestions for how to gain access to the shared folder?

I think you have your use of "dweeb" reversed. A dweeb knows what a SACL is. Or did I mix up dweeb and nerd again?
File Services Access Control
Server Admin in Mac OS X Server enables you to configure service access control lists (SACLs), which enable you to specify which users and groups have access to AFP, FTP, and SMB file services.
Using SACLs enables you to add another layer of access control on top of standard POSIX and ACL permissions. Only users and groups listed in a SACL have access to its corresponding service. For example, if you want to prevent users from accessing a server’s AFP share points, including home folders, remove the users from the AFP service’s SACL.
For information about restricting access to file services using SACLs, see “Setting SACL Permissions” on page 62.
This text extracted from the Mac OS X Server File Services manual.

How to restrict users to access the files directly from /irj/go/km/docs/doc

Dear Experts,
I have made a folder in KM where I have saved some files, and also I have made a application from where user can access those files.
But the users are able to access the files by directly typing the path of the file in internet explorer, I have to restrict it that the user should not be able to access the files directly.
Please give your helpful suggestions.
Warm Regards
Upendra Agrawal
Edited by: Upendra Agrawal on May 15, 2009 4:49 PM

Hello,
You can have a link/button react to a mouse clic by reading the KM document and putting it on the htpp flux with the correct header (this is the same kind of code that is used when you generate the pdf). As the file access is in you server-code, user will not have access to the URL...
an exemple for the WD Java (coming from this [PDF|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0cc41cb-9576-2b10-99a6-ab90ef28c73b]), with slight modifications :
public void exportToPDF( ) {
   //@@begin exportToPDF()
   ByteArrayOutputStream outputStream = null;
   outputStream = new ByteArrayOutputStream();
   // read the file with KM API and copy it to the outputStream
   showPopUp(WDWebResourceType.PDF, outputStream, "PDF Out Put");
   outputStream.close();
//@@end
regards
Guillaume

A custom filter or module, such as URLScan, restricts access to the file.

My btns do not work, I think becuase I added this:
import flash.display.Sprite;
    import flash.net.navigateToURL;
    import flash.net.URLRequest;
    import flash.net.URLVariables;
to my time line code in an attempt to get four btns to funtion out correctly with a navigateToURL "_self".
Now the IIS browser reads "custom filter or module, such as URLScan, restricts access to the file".
Where can I find these filters and destroy them...please?
Sabby76

You might want to find out what purpose the filter(s) serve(s) before destroying (disabling/removing) it/them. For example, URLScan is there to prevent potentially harmful requests from being processed by IIS, and is configurable.

Unable to restrict afp folder access using File Sharing in System Prefs

If I share files using AFP, and authenticate using a standard account from another machine on the LAN, I can browse and access ALL files and folders on the machine, not just those specified under "Shared Folders" in System Preferences->Sharing->File Sharing. Machine is running OS 10.6.5.

...You shouldn't be able to authenticate as a user/account that is not on the local machine.
Also for each item listed in Sharing Preferences, you have to specify POSIX permissions for specific users, check to make sure 'everyone' isn't set to read and write.

How to read a file which as restricted access

Hi all.
Lets say I have two users User1 and User2
I have created a servlet which needs to read a file.
Lets say the owner of the file is User1.
So User2 cannot access this file.
This is on windows platform.
The problem is that the Servlet cannot know owner of its user.
Servlet run's as anonymous, so the user as to enter his userName and Password.
This is fine with me.
But after this how do I use this to read that file.
I have no clue on how to use this information to read this file.
Examples if any will be very helpful.
Thanks for your help in advance.

Well, you'd hardly write a servlet that can access any file on your server, not exactly good security. Rather it needs to be confined to specific files or, at least, specific directories. The server can't change it's user identity, so it needs access to all files, but it's easy enough for the serlvet to have some mapping which tells it which files may be server to which users.

SSH login- how do I restrict access to a shared folder?

I have created Shares in WGM for SMB and AFP access on my OS X 10.4.8 Server. However when I connect via SSH it's not restricting access to the folder based on the User Name I login with- I see the entire volume! How do I restrict access to a specific folder based on a user name setup in WGM? ACL's?

Hey George,
It sounds like you are trying to limit ssh/sftp users to a specific area, aka jails. The FTP server lets you 'chroot' users to a certain area making it appear as the root thus preventing them from navigating up the hierarchy, which is what I think you, and me and many others are trying to accomplish.
The ssh compiled into OS X is missing this very needed feature. There have been a few documented workarounds, but they've either been too insecure or too clunky for me.
I've dealt with the fact that my users can get to the root of the hard drive, and have just been very careful about my privileges (by using ACLs), thus preventing them from getting inside areas they shouldn't.
There's a good write up here: http://www.schwie.com/brad/macosxsftpchroot/ and if you include the term 'chroot' in your searches, you should find a bit about it here too.
And Roger, I think George meant the file sharing protocol used by ssh. man sftp.

How can I restrict access to add. internal hard drive by account?

Hello! Okay, so I am my computer's administrator, and I have a secondary 'guest' account that anyone else can use. So, I know that all my data on my main, OS hard drive is secure from the guest account accessing it, but what about the additional hard drive that I have installed?
I have a good deal of sensitive data and files stored (and aliased) on my second internal drive that I do not care for 'guest' users to stumble upon. How can I restrict access to the secondary storage hard drive from my Guest login account, and/or just plain hide it from it? Surely, there is a need for this that has brought about a solution. Any tips/advice/solutions?
Thanks!!!
=)

Click here and follow the instructions followed by placing the folders and files on the image; if the password is in the keychain, it will be supplied whenever you're logged in.
(41018)

Access a file which is in local network via jsp

i try to access some files from a system in the network.
i couldn't make it through jsp and servlet
im using tomcat webserver.
but in core java it works finely.
the below r the example code...
core java coding(It works)
class a
public static void main(String ar[])
String a="//software2/d$/Daily Shipment Backup";
      java.io.File f=new java.io.File(a);
      if(f.exists())   //whether the directory exists
System.out.println("Exists");
      else
System.out.println("Error");
}jsp coding
<html>
<%
String a="//software2/d$/Daily Shipment Backup";
         java.io.File f=new java.io.File(a);
      if(f.exists())
out.println("Exists");
      else
out.println("Error");
%>
</html>

Tomcat (And other JSP/Servlet containers) have security restrictions which disallow you from accessing the local/remote file system. You will probably need to modify your security policy settings
I believe Tomcat stores this file in $CATALINA_HOME/conf/catalina.policy
You can read more here.
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/security-manager-howto.html
Hope this helps
-Jeff

How do I restrict access to a folder-like attaching a password in order for someone to open it.

I want to locate a folder on my desktop, but want to restrict access so that anyone on my laptop can't access the folder, even though they will see it sitting on the desktop. How do I set up folder permissions?

Any file on YOUR desktop already has permissions set such that no other user account can access. But if you want to use the OS's native capability to encrypt the contents of a folder, place that folder within an encrypted image.
Use Disk Utility to create a disk image, and encrypt it with the same utility (use settings in "new image") . Make sure you size the image to a size great enough to hold all your files. Once created, and placed on your desktop, open it, using your password. Once the image is mounted, place the files you want to protect into that image, and then dismount/eject the image. The image essentially becomes your password encrypted folder. Double click it at any time to access your files (enter password). Eject the mounted image to "re-encrypt".
If you want a disk image that has cross platform capability, then try TrueCrypt. It is great App for Mac & Windows, with other advantages as well.

Restrict Access To Page Not Working with Different Auth Levels

I have just started playing with the idea of using different auth levels to allow different users access to certain pages on my site.
Within my SQL database I have a authlevel table consisting of 3 possible levels (guest, user, admin)
I am using the Dreamweaver "Log in user" to log in users based on username, pass, and auth level and "Restrict access to page" set to allow user levels 'user' and 'admin'.
The problem, however, occurs when trying to log in. No matter what auth level I try I am redirected to my page where users should be redirected if they are not allowed to enter that page.
I have included below my code from my login page and the page where all authorized users (user and admin) should be directed upon entering the restricted area.
Login Page:
<?php require_once('../Connections/hondovfd.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "authlevel";
$MM_redirectLoginSuccess = "/membersonly/membersonly.php";
$MM_redirectLoginFailed = "/membersonly/loginfailed.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_hondovfd, $hondovfd);
$LoginRS__query=sprintf("SELECT username, password, authlevel FROM login WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $hondovfd) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
    $loginStrGroup = mysql_result($LoginRS,0,'authlevel');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    header("Location: " . $MM_redirectLoginSuccess );
else {
    header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Log In</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Login</td>
</tr>
<tr>
    <td><form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">
    <table width="40%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="31%">Username:</td>
    <td width="69%"><input name="username" type="text" /></td>
</tr>
<tr>
    <td>Password</td>
    <td><input name="password" type="password" /></td>
</tr>
</table>
<input name="Submit" type="submit" />
    </form></td>
</tr>
</table>

</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>
Other Page:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "user,admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && false) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "/membersonly/loginfailed.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Members Only Area</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Area</td>
</tr>
<tr>
    <td><p><a href="/membersonly/documents.php">Useful Documents</a></p>
      <p><a href="/membersonly/IncidentCount01_08.pdf">Current Call Statistics</a> as of 9/3/09</p>
      </td>
</tr>
</table>
<script type="text/javascript">

</script>
</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>

you don't need all that bloat. set a session during login of some kind of uniquely identifying id. i.e.
$_SESSION['id'] = $row_rs['id'];
then on the pages you need to protect, check it like this....
<?php
session_start();
if (!(isset($_SESSION['id']) && $_SESSION['id'] != '')) {
die(header("Location: http://www.notinprotectedareas.com")); }
?>
you can use an include file i.e.
<?php require_once('login_check.php'); ?>
where file is name login_check.php to make your auth controls clean on your protected pages.

How to restrict access to views for some users in the app?

Hi SDN!
I have an WD application wich embedded in the portal. Appication has 2 iViews (and 2 pages respectively). These iViews consist several views connected with each other (e.g. one view provide list data, second view is add/edit form for this data). I need to restrict access for some users for view with add/edit form. I can't make separate page for this view.
What I've done:
1) create yet another UIContainer for this view in main window and embed view to this container. It was be done for create separate iView for form.
2) in the portal I create iView for this form but don't embedd in any page.
When I try to call my form from list data (that is one iView from another) I get exception:
<b>com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: duplicate usage of view .MyCarRentalAddCity</b>
Is there a way to get needed functional?
Thanks,
Lev

Hi,
do you need to remove the IView from the portal menu or do you just want to make a View container in your WD application invisible if the user doesn't have the rights to see it.
If so, you could create your own roles on the app server:
You need to create a new class that extends NamePermission like:
import com.sap.security.api.permissions.NamePermission;
public class ApplicationAccessPermission extends NamePermission {
           * @param name
          public ApplicationAccessPermission(String name) {
               super(name);
           * @param name
           * @param action
          public ApplicationAccessPermission(String name, String action) {
               super(name, action);
Also, you have to create an Action.XML file that looks like this:
<BUSINESSSERVICE
     NAME="com.vendor.administration">
     <DESCRIPTION
          LOCALE="en"
          VALUE="actions view usage"/>
     <ACTION
          NAME="View Permission">
          <DESCRIPTION
               LOCALE="en"
               VALUE="Show view"
               />
          <PERMISSION
               CLASS="com.vendor.utilities.ApplicationAccessPermission"
               NAME="ShowView"
               />
     </ACTION>
</BUSINESSSERVICE>
If you have created these to files in your packages, you can access this function like:
IUser user ;
try {
          user = WDClientUser.getCurrentUser().getSAPUser();
          if(user.hasPermission(new ApplicationAccessPermission("Show view"))){
               wdContext.currentV_UIElement().setViewVisibility(WDVisibility.VISIBLE);
          }else{
               wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
     }catch (WDUMException e1) {
          wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
                e1.printStacktrace();
You have to bind the ViewVisibility attribute of the context to the View Container you want to hide.
The applicationAccessPermission you defined in the XML File will be visible in the UME Manager of you J2EE engine. With this action you can create a new role and group that you can map to the users that should see you view.
But, the exception you get is because you have embedded one view twice, which is not possible.
Hope this helps.
Regards,
Dennis

Restrict access to files

Similar Messages

Maybe you are looking for