Login-Only Repository

From EPrints Documentation
Jump to: navigation, search

This instructions tell you how to configure your repository so that even the static pages and search and view pages require a valid username/password.

The /images and /style directories are deliberately unsecured so that you can explicitly always view the files in them (you need the CSS + images to render the login page!)

This even secures things like the OAI interface, and registration. So you'll probably want to disable web-based registration in favour of importing users or creating them with an admin account.

1. In archives/ARCHIVEID/cfg/lang/en/static/ rename index.xpage to home.xpage

2. Run bin/generate_static to generate the home.html file (and others).

3. Add the following to archives/ARCHIVEID/cfg/apachevhost.conf (use your site URL in the last bit and replace ARCHIVEID):

 <Location "">
   AuthName "Documents Area"
   AuthType "Basic"
   PerlAuthenHandler EPrints::Apache::Auth::authen
   PerlAuthzHandler EPrints::Apache::Auth::authz
   require valid-user
   AuthName "Documents Area"
 </Location>

 <Directory "/opt/eprints3/archives/ARCHIVEID/html/en/images">
   order allow,deny
   allow from all
   satisfy any
 </Directory>

 <Directory "/opt/eprints3/archives/ARCHIVEID/html/en/style">
   order allow,deny
   allow from all
   satisfy any
 </Directory>

 <Location "/cgi/reset_password">
   order allow,deny
   allow from all
   satisfy any
 </Location>

 <Location "/cgi/confirm">
   order allow,deny
   allow from all
   satisfy any
 </Location>

 <LocationMatch "^/$">
   Redirect / http://myarchive.ac.uk/cgi/users/login?target=/home.html
 </LocationMatch>

4. Restart Apache.

Allowing a few things without a password...

If you need to make any other Directories available without a password, copy the directory directive for the images dir and tweak it.

If you need to make a single file public, for example the RSS feed, use the following:

 <Directory "/opt/eprints3/archives/ARCHIVEID/html/en/style">
 <Files "latest_tool">
   order allow,deny
   allow from all
   satisfy any
 </Files>
 </Directory>