EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #07502


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Restricting access to CGI Scripts


Hi John,

> One solution would be to:
> copy the [EPRINTS_ROOT]/cgi/register file into [EPRINTS_ROOT]/archives/[ARCHIVEID]/cgi/

I tried the above solution that you had suggested, and it works great!

Thank you very much for providing several options to implement my
requirement, so promptly.

With regards, Francis



On Sun, Sep 30, 2018 at 3:49 AM John Salter <J.Salter@leeds.ac.uk> wrote:
>
> Hi Francis,
>
>
> One solution would be to:
>
> copy the [EPRINTS_ROOT]/cgi/register file into [EPRINTS_ROOT]/archives/[ARCHIVEID]/cgi/
>
>
> The archive version of the file will be used in preference to the global one.
>
> Edit this file, adding a test for the IP address e.g.
>
> if( $repo->remote_ip =~ m/^10\.11\.22\./ )
>
> {
>
> #do the normal registration stuff already in the cgi script
>
> }
>
> else
>
> {
>
> # generate a 'you cannot register' page (or a 'you must be on the intranet to register' page)
>
> }
>
>
> Another way to do what you want would be to sub-class the Screen::Register plugin, and alter the 'allow_register' method - and use the same test as above - based on $repo->remote_ip.
>
>
> If it's useful, there is an option 'allow_web_signup' in [EPRINTS_ROOT]/archives/[ARCHIVEID]/cfg/cfg.d/registration.pl which turns the ability to register via the web interface on or off - but I don;t think you want this - as it would stop all registrations, not just external ones.
>
>
> If that doesn't provide enough information, let me know and I'll provide some more details.
>
>
> Cheers,
>
> John
>
>
>
> ________________________________
> From: eprints-tech-bounces@ecs.soton.ac.uk <eprints-tech-bounces@ecs.soton.ac.uk> on behalf of Francis Jayakanth via Eprints-tech <eprints-tech@ecs.soton.ac.uk>
> Sent: 29 September 2018 17:55:14
> To: eprints-tech@ecs.soton.ac.uk
> Subject: [EP-tech] Restricting access to CGI Scripts
>
> Hi, I would like to restrict access to the 'Create Account' link of
> our repository to the intranet users only. Can Someone who has
> implemented it, share the details, please?
>
> Thanks and regards, Francis
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C630a6d70adb6408afe6a08d626fe70a6%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&amp;sdata=SC4xJ78pPtcboonZWNGcZBSVSiTlt34cXtsOFAmFQ3w%3D&amp;reserved=0
> *** EPrints community wiki: https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C630a6d70adb6408afe6a08d626fe70a6%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&amp;sdata=9qimXsNUlVOtpZsW0GyyLKIrbmdRlwhyYCxOaWvHr%2BE%3D&amp;reserved=0
> *** EPrints developers Forum: https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fforum.eprints.org%2F&amp;data=01%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C630a6d70adb6408afe6a08d626fe70a6%7C4a5378f929f44d3ebe89669d03ada9d8%7C1&amp;sdata=b3cS%2FIyFS0hh00abN3DrpWiNKhT2nYu64c8WXUxij9s%3D&amp;reserved=0