LPRng Reference Manual: 3 May 2004 (For LPRng-3.8.27)
Prev	Chapter 17. Permissions and Authentication	Next

17.11. Permission Checking

When an authenticated transfer has been performed, the following permission information will be provided.

AUTH This value is true or match if an authenticated request was received.
AUTHTYPE=authtype This has the value of the authtype field in the authentication request.
AUTHUSER=userinfo This is the AUTHUSER information provided by the authentication protocol, and is usually the originating user's identification.
AUTHFROM=frominfo This is the AUTHUSER information provided by the authentication protocol, and is usually the originating system (user or lpd server) identification.
AUTHSAMEUSER This item has effect only when checking jobs in a spool queue. The AUTHUSER information from the request is compared to the AUTHUSER information from the request that created a job. If they are identical, the match succeeds.
AUTHJOB This item has effect only when checking jobs in a spool queue. If the job was transfered using an authentication protocol the match succeeds.

For example, to reject non-authenticated operations, the following line could be put in the permissions file.

    REJECT NOT AUTH

If a remote server has id information FFEDBEEFDEAF, then the following will accept only forwarded jobs from this server.

    ACCEPT AUTH AUTHFROM=FFEDBEEFDEAF
    REJECT AUTH
    REJECT NOT AUTH

To allow only authenticated users to remove jobs you can use:

    ACCEPT AUTH SERVICE=R,M,L,P AUTHSAMEUSER
    REJECT AUTH
    REJECT NOT AUTH

Prev	Home	Next
Authentication Operations	Up	PGP Authentication Support