[Building Sakai] Selectively using basic authentication in Entity Brokers
David Wafula
davidwaf at gmail.com
Wed Apr 3 07:37:27 PDT 2013
Thanks Mathews. Yes, we will just control access directly the code., if
need be..i just thought there could be a config in sakai.properties or
something similar.
Regards,
On Wed, Apr 3, 2013 at 4:32 PM, Matthew Jones <matthew at longsight.com> wrote:
> If you have Apache or Nginx in front you can do whatever you want, block
> it completely or provide some other filtering to it. (Like IP restriction).
> There isn't anything built in like web services because these external
> /direct endpoints are intended to be interacted with by client browsers,
> not servers like the web services are.
>
> Otherwise all of these entities already should be providing security and
> only showing content appropriate and specific to the user logged in. If
> there's some sensitive/secure information on a URL that's public, you
> should send an email to security at sakaifoundation.org and describe the
> problem.
>
>
> On Wed, Apr 3, 2013 at 10:21 AM, David Wafula <davidwaf at gmail.com> wrote:
>
>> Hi all,
>> We wish to selectively lock down some /direct/blalbla urls through basic
>> authentication, is this possible?
>>
>> Regards
>>
>> --
>> David Wafula
>>
>> _______________________________________________
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>
>> TO UNSUBSCRIBE: send email to
>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>> "unsubscribe"
>>
>
>
--
David Wafula
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20130403/3881e1f2/attachment.html
More information about the sakai-dev
mailing list