Sun Java System Web Server 7.0 Update 2 Administrator's Configuration File Reference


The require-auth function allows access to resources only if the user or group is authorized. Before this function is called, an authorization function (such as basic-auth) must be called in the AuthTrans directive.

If a user is authorized in the AuthTrans directive and the auth-user parameter is provided, the name of the user must match with the auth-user wildcard value. Also, if the auth-group parameter is provided, the authorized user must belong to an authorized group, which must match the auth-user wildcard value.


The following table describes parameters for the require-auth function.

Table 7–28 require-auth Parameters




(Optional) Wildcard local file system path on which this function should operate. If no path is provided, the function applies to all paths. 


Type of HTTP authorization used. Currently, basic is the only authorization type defined.


String sent to the browser indicating the secure area (or realm) for which user name and password are requested. 


(Optional) Specifies a wildcard list of users who are allowed access. If this parameter is not provided, any user authorized by the authorization function is given access. 


(Optional) Specifies a wildcard list of groups that are allowed access. 


(Optional) Common to all obj.conf functions. Adds a bucket to monitor performance. For more information, see The bucket Parameter.


PathCheck fn="require-auth" auth-type="basic" realm="Marketing Plans" 
      auth-group="mktg"  auth-user="(jdoe|johnd|janed)"

See Also