Changing access rights for Seed Objects to Stanford Only #46
Labels
needs analysis
cannot proceed with this issue without analysis
web archiving
2022 web archiving work cycle
Comments
edsu
added
web archiving
|
Iceboxing since there is not a pywb API (yet, at least) for handling this and not wanting to add complexity with a daemon as described in #10, which is Iceboxed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In Argo users can set the access rights of a Seed Object to Stanford Only, which ideally should make the website URL only available to people who are on campus, or logged into the VPN.
pywb's Access Controls should allow the ACLJ file to limit access based on the presence of a
X-Pywb-ACL-UserHTTP header. For example if this header was set toStanfordthen an ACLJ rule could be written to indicate that a given URL should only be available to theStanforduser.It seems like this header could be conditionally set in the Apache configuration based on another HTTP header that is sent upstream by Stanford's Single Sign On Proxy? For example what does Stacks do to control this type of access? We need to do some analysis to see if this is possible. If it is possible then we need to also modify the daemon created as part of #10 to modify the ACLJ for Stanford Only rights changes as well.
The text was updated successfully, but these errors were encountered: