Sun Java System Web Server 6.1 SP11 Administrator's Configuration File Reference


Applicable in PathCheck-class directives.

The require-auth function allows access to resources only if the user or group is authorized. Before this function is called, an authorization function (such as basic-auth) must be called in an AuthTrans directive.

If a user was authorized in an AuthTrans directive, and the auth-user parameter is provided, then the user’s name must match the auth-user wildcard value. Also, if the auth-group parameter is provided, the authorized user must belong to an authorized group, which must match the auth-user wildcard value.


The following table describes parameters for the require-auth function.

Table 4–29 require-auth Parameters




(Optional) Wildcard local file system path on which this function should operate. If no path is provided, the function applies to all paths. 


Type of HTTP authorization used, and must match the auth-type from the previous authorization function in AuthTrans. Currently, basic is the only authorization type defined.


String sent to the browser indicating the secure area (or realm) for which a user name and password are requested. 


(Optional) Specifies a wildcard list of users who are allowed access. If this parameter is not provided, any user authorized by the authorization function is allowed access. 


(Optional) Specifies a wildcard list of groups that are allowed access. 


(Optional) Common to all obj.conf functions.


PathCheck fn=require-auth auth-type=basic realm="Marketing Plans" 
auth-group=mktg auth-user=(jdoe|johnd|janed)

See Also

basic-auth, basic-ncsa