Limiting access to parts of Webadmin to specific users
Overview
By default, Webadmin allows any authorized Webadmin user access to all Webadmin features. The Apache configuration for Webadmin can be modified to limit access only to specific users.
Goal
Limit access to specific parts of Webadmin to only specific users.
Procedure:
1. Logged into the Voyager server as 'root'; navigate to /m1/shared/apache2/conf/ConfiguredVirtualHosts.
2. Locate the WebVoyage configuration file, and create a backup (xxxdb_vwebv_httpd.conf OR xxxdb_webvoyage_httpd.conf)
3. Open the file in a text editor.
4. Within this file, locate the <Directory /m1/voyager/xxxdb/webadmin/> directive.
5. Immediately before the closing </Directory> tag, add the following:
<Files ~ "file1.cgi|file2.cgi|file3.cgi...">
AuthType basic
AuthName "Admin only"
AuthUserFile /m1/shared/apache2/conf/AuthorizedUsers/xxxdb.users
require user admin
</Files>
6. In Files ~ "file1.cgi|file2.cgi|file3.cgi...">: Replace each file name with a file corresponding to a WebVoyage feature intended for limited access e.g. bulkexport.cgi. Find these file names by noting the url when navigating to these features.
7. In "require user admin" replace admin with the names of users to be allowed access multiple id's can be added e.g. "require user user1 user2 user3"
8. Ensure that xxxdb in xxxdb.users is replaced with the correct name of the db.
9. Backup the new version of the configuration file, and restart Apache
10. If Webadmin returns a server error, check /m1/shared/apache2/logs/xxxdb/error_log.