Re: Announcing Access Authorization Documentation

Christopher McRae (
Fri, 10 Sep 1993 16:52:48 PDT

I've read through your documentation and it looks good except for
one issue: there is no provision for controlling access *per method*.
Once we have implemented the PUT and POST methods of HTTP, I expect
it will be quite common for a webmaster to wish readers relative to the number of writers for a particular resource.
I suggest that you add a <methods> field to the .www_acl file, such

method,method,...:template: group,user,group,...

or some other syntax. Alternatively, you could specify the methods in
the rule file, but the access list seems a better place to me.
Also, could you clarify some thing for me? Regarding the <template>
specified in the protect rule of the rule file and also in each entry of
the access control list: Does this <template> refer only to files or can
it be a subdirectory - the latter indicating that the entire hierarchy
is to be accessible only to those in the corresponding user/group list?
Here are the pertinent references:

In <> you

The protect rule has two forms unifrom with those of the pass rule:

protect <template>

The filename matching the <template> is protected...

and also in

template is the name of a file in that directory

Ari Luotonen writes:

Date: Fri, 10 Sep 93 16:53:56 +0200
From: (Ari Luotonen)
Message-Id: <>
Subject: Announcing Access Authorization Documentation

The pre-release of WWW Access Authorization Documentation has
been hung to the Web:

WWW Project Home Page / Technical / Access Authorization

or URL:

[remaining stuff deleted]

Christopher McRae mail:
UCSF Center for Knowledge Management at&t: 415/476-3577
530 Parnassus Avenue, Box 0840 fax: 415/476-4653
San Francisco, California 94143