<Session /> AuthType Basic AuthName Example AuthUserFile /wbl/cfg/user.cfg AuthGroupFile /wbl/cfg/group.cfg allow from all deny from .edu </Session> <Session /abc> allow from .ncsa.edu deny from .inetmi.com </Session> <Session /123> order mutual-failure allow from .inetmi.com .net deny from xyz.inetmi.com </Session> <Session /abc/def> allow from hoohoo.ncsa.edu deny from .ncsa.edu </Session> <Session /UserAuth> require group Development user FictionalUser1 </Session>
.eduto access the Webulator/400 session associated with the root (/) or any session below it. The session entries for /abc, /abc/def, /123 and /UserAuth contain overriding access controls, but all other subsessions on the host will use this entry.
Note that the allow entry is redundant because all hosts are allowed by default.
.eduunless they end in
.ncsa.edu, in which case they are allowed. It also disallows hosts that end in
Except for the session /abc/def (which contains overriding access control directives), this limit will apply to all subsessions.
mutual-failure, any previous allows and denies are ignored. In this session (and all subsessions), every host that ends in
.netwill be allowed except for the host
After this section is processed, any host that ends in
not be allowed unless it is
Any host that ends in
.inetmi.com will also not be allowed
(because of the access control directives in the parent session section).
All other hosts will be allowed.
.edu. Then user authorization will be applied to only allow User name/password combinations for the group
Developmentor the user