Access Control Schemes

TclHttpd supports access control at two levels. The most general support is through an access control procedure, or filter, that is run before each URL is processed. These filters are registered with the Url_AccessInstall procedure. See the lib/url.tcl file for more details about access control filters.

The DocAccessHook procedure provides support for Apache-style .htaccess files. This is enabled by default. Here is an explanation of .htaccess files by Piet Vloet. A web-based utility to maintain .htaccess Access Control can be run by the webmaster here, here is a brief guide for new installations.

Another feature implemented by DocAccessHook is support for .tclaccess files. These files are short Tcl scripts that define two variables: "realm" and "callback". The browser will display the realm string in the password prompt. The server will invoke the procedure named by the callback variable to check the password.

Examples using .tclaccess files

Examples using .htaccess files

To be able to run the examples you have to create the files /usr/local/htaccess/passwd and /usr/local/htaccess/group. Samples can be found in the htaccess subdirectory of the distribution. The password for a user is identical to its username.

HomeStatusLearnCGI TestsTemplatesAccess ControlReference Manual