1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2
3<html>
4  <head>
5    <meta name="generator" content="HTML Tidy, see www.w3.org">
6    <title>Permission Checking</title>
7    <meta name="GENERATOR" content=
8    "Modular DocBook HTML Stylesheet Version 1.7">
9    <link rel="HOME" title=" LPRng Reference Manual" href=
10    "index.htm">
11    <link rel="UP" title="Permissions and Authentication " href=
12    "permsref.htm">
13    <link rel="PREVIOUS" title="Authentication Operations" href=
14    "auth.htm">
15    <link rel="NEXT" title="PGP Authentication Support" href=
16    "x9115.htm">
17  </head>
18
19  <body class="SECT1" bgcolor="#FFFFFF" text="#000000" link=
20  "#0000FF" vlink="#840084" alink="#0000FF">
21    <div class="NAVHEADER">
22      <table summary="Header navigation table" width="100%" border=
23      "0" cellpadding="0" cellspacing="0">
24        <tr>
25          <th colspan="3" align="center">LPRng Reference Manual: 5
26          Sep 2003 (For LPRng-3.8.22)</th>
27        </tr>
28
29        <tr>
30          <td width="10%" align="left" valign="bottom"><a href=
31          "auth.htm" accesskey="P">Prev</a></td>
32
33          <td width="80%" align="center" valign="bottom">Chapter
34          17. Permissions and Authentication</td>
35
36          <td width="10%" align="right" valign="bottom"><a href=
37          "x9115.htm" accesskey="N">Next</a></td>
38        </tr>
39      </table>
40      <hr align="LEFT" width="100%">
41    </div>
42
43    <div class="SECT1">
44      <h1 class="SECT1"><a name="AEN9083">17.11. Permission
45      Checking</a></h1>
46
47      <p>When an authenticated transfer has been performed, the
48      following permission information will be provided.</p>
49
50      <ul>
51        <li>
52          <p>AUTH This value is <var class="LITERAL">true</var> or
53          <var class="LITERAL">match</var> if an authenticated
54          request was received.</p>
55        </li>
56
57        <li>
58          <p>AUTHTYPE=authtype This has the value of the <var
59          class="LITERAL">authtype</var> field in the
60          authentication request.</p>
61        </li>
62
63        <li>
64          <p>AUTHUSER=userinfo This is the <acronym class=
65          "ACRONYM">AUTHUSER</acronym> information provided by the
66          authentication protocol, and is usually the originating
67          user's identification.</p>
68        </li>
69
70        <li>
71          <p>AUTHFROM=frominfo This is the <acronym class=
72          "ACRONYM">AUTHUSER</acronym> information provided by the
73          authentication protocol, and is usually the originating
74          system (user or lpd server) identification.</p>
75        </li>
76
77        <li>
78          <p>AUTHSAMEUSER This item has effect only when checking
79          jobs in a spool queue. The <acronym class=
80          "ACRONYM">AUTHUSER</acronym> information from the request
81          is compared to the <acronym class=
82          "ACRONYM">AUTHUSER</acronym> information from the request
83          that created a job. If they are identical, the match
84          succeeds.</p>
85        </li>
86
87        <li>
88          <p>AUTHJOB This item has effect only when checking jobs
89          in a spool queue. If the job was transfered using an
90          authentication protocol the match succeeds.</p>
91        </li>
92      </ul>
93      <br>
94      <br>
95
96      <p>For example, to reject non-authenticated operations, the
97      following line could be put in the permissions file.</p>
98
99      <div class="INFORMALEXAMPLE">
100        <a name="AEN9107"></a>
101<pre class="SCREEN">
102    REJECT NOT AUTH
103</pre>
104      </div>
105      <br>
106      <br>
107
108      <p>If a remote server has id information FFEDBEEFDEAF, then
109      the following will accept only forwarded jobs from this
110      server.</p>
111
112      <div class="INFORMALEXAMPLE">
113        <a name="AEN9110"></a>
114<pre class="SCREEN">
115    ACCEPT AUTH AUTHFROM=FFEDBEEFDEAF
116    REJECT AUTH
117    REJECT NOT AUTH
118</pre>
119      </div>
120      <br>
121      <br>
122
123      <p>To allow only authenticated users to remove jobs you can
124      use:</p>
125
126      <div class="INFORMALEXAMPLE">
127        <a name="AEN9113"></a>
128<pre class="SCREEN">
129    ACCEPT AUTH SERVICE=R,M,L,P AUTHSAMEUSER
130    REJECT AUTH
131    REJECT NOT AUTH
132</pre>
133      </div>
134      <br>
135      <br>
136    </div>
137
138    <div class="NAVFOOTER">
139      <hr align="LEFT" width="100%">
140
141      <table summary="Footer navigation table" width="100%" border=
142      "0" cellpadding="0" cellspacing="0">
143        <tr>
144          <td width="33%" align="left" valign="top"><a href=
145          "auth.htm" accesskey="P">Prev</a></td>
146
147          <td width="34%" align="center" valign="top"><a href=
148          "index.htm" accesskey="H">Home</a></td>
149
150          <td width="33%" align="right" valign="top"><a href=
151          "x9115.htm" accesskey="N">Next</a></td>
152        </tr>
153
154        <tr>
155          <td width="33%" align="left" valign="top">Authentication
156          Operations</td>
157
158          <td width="34%" align="center" valign="top"><a href=
159          "permsref.htm" accesskey="U">Up</a></td>
160
161          <td width="33%" align="right" valign="top">PGP
162          Authentication Support</td>
163        </tr>
164      </table>
165    </div>
166  </body>
167</html>
168
169