ns_perm - Add users, groups, and permissions
ns_perm adduser adds the user with the specified name and the encrypted password (encpass) and the specified user text (userfield) into the users database.
-allow and hostnames are specified, the user will be allowed on the specified hostnames. -deny and hostnames are specified, the user will be denied on the specified hostnames. The hostname must be specified as ipaddress/netmask or dnshostname.
128.2.142.0/255.255.255.0 or www.microsoft.com or .microsoft.com.
-salt By default password is assumed encrypted with ns_crypt command and salt CU:
ns_crypt mypasswd CU
This argument tells command that password is clear text and it should be encrypted by the ns_perm command with specified salt. -clear Tells that we keep password in clear text
ns_perm deluser deletes user from the memory
ns_perm addgroup creates a new group with the specified name that includes the users listed after the name.
ns_perm delgroup deletes group from the memory
method url user...]] ns_perm allowuser allows the specified user access to the specified method and URL combination. If -noinherit is specified, only access to the exact URL is allowed; otherwise, URLs under that URL are allowed as well.
ns_perm denyuser denies the specified user access to the specified method and URL combination. If -noinherit is specified, only access to the exact URL is denied; otherwise, URLs under that URL are denied as well.
ns_perm allowgroup allows the specified group access to the specified method and URL combination. If -noinherit is specified, only access to the exact URL is allowed; otherwise, URLs under that URL are allowed as well.
ns_perm denygroup denies the specified group access to the specified method and URL combination. If -noinherit is specified, only access to the exact URL is denied; otherwise, URLs under that URL are denied as well.
ns_perm checkpass checks that the specified plain-text password is correct for the specified user. A Tcl error is thrown if it does not match.
ns_perm setpass updates the specified user's password to the encrypted password encpass. The password should be encrypted using ns_encrypt.
Produce Tcl list of all current users in the format username password ....
Produce Tcl list with all registered groups in the format: groupname {user ...} ...
Produce Tcl list with all registered allow/deny statements for each url
Reloads all ns_perm files, on very busy sites there could happen authentication denies because this command clears the memory first and then loads files from the disk
The following configuration options are available to control permission module
This parameter if set to true, enables .htaccess mode, similar to what the Apache web server has but very simple and limited in functionality.
On every request the server looks for .htaccess file in the current request directory and loads it if modified since the last read. The structure of the file is simple:
allow user ... deny user ...
This parameter determines which file with users and passwords needs to be checked for modification and reloaded automatically.
ns_section "ns/server/servername/module/nsperm" ns_param htaccess false ns_param passwdfile /usr/local/ns/modules/nsperm/passwd
ns_perm adduser test [ns_crypt testpass ""] TestUser ns_perm adduser -salt CU test2 test TestUser2 ns_perm allowuser GET /Documents test test2