36.2. HTTP tables

Abilis implements an access control system based on:

36.2.1. Users table

Users can access to HTTP server only if they are enabled to HTTP service (parameter HTTP set tot YES).

[16:50:04] ABILIS_CPX:d user
------------------------+-------------+----------------------------------------
USER             PWD ACT|CTIP CLUS    |CHAT LDAP PPP FTP HTTP MAIL IAX SIP VO
------------------------+-------------+----------------------------------------
admin            *** YES #    #        NO   YES  YES YES YES  NO   NO  NO  NO
guest                NO  #    #        NO   NO   NO  NO  NO   NO   NO  NO  NO
httpuser         *** YES #    #        NO   NO   NO  NO  YES  NO   NO  NO  NO

To show the detailed user configuration parameters, type the command d user:<username>.

[16:50:06] ABILIS_CPX:d user:httpuser

Parameter:          | Value:
--------------------+----------------------------------------------------------
USER:                 httpuser
REAL-NAME:            httpuser
ID:                   9             <Read Only>
PWD:                  ***
ACT:                  YES
GROUP:                
CTIP:                 #
CLUS:                 #
ADDRBOOK-SYNC:        SYS           
ADDRBOOK-NUMBER:      AUTO          
ADDRBOOK-OUTDIAL:     NONE          
ADDRBOOK-PRIV-MAX:    SYS
ADDRBOOK-PUB-ENABLED: SYS           
OPC-ROLE:             USER
OPC-VIEW:             *
OPC-HIDE-NUMBERS:     NO
OPC-MONITOR:          NONE
OPC-PRIVACY:          NO
CHAT:                 NO    
CHAT-USER:            SYS
CHAT-PWD:             SYS
HTTP:                 YES
HTTP-HOME-URL:        
HTTP-PROT:            PLAIN,SSL
-------------------------------------------------------------------------------
[Tip]Tip

Interesting chapter: Section 5.9, “Users Table”.

Meaning of the parameters:

HTTP

Enables/disables the HTTP service.

HTTP-HOME-URL

User home page URL. "SYS" or from 0 up to 128 ASCII characters. Spaces are allowed. Case is preserved. Strings holding spaces must be written between quotation marks (e.g.: "/My url/my page.htm"). When "SYS", the home page URL is "/sys/user/sharedhome/home.html" and "home.html" file will be loaded from PUB\HOME. But if a file named "home.html" is found in subdirectory HOME of HTTP working directory (e.g. C:\APP\HTTP\HOME\), this one will be loaded. The pages that are under the virtual path "/sys/user/home/" will be loaded from to the user directory, i.e. C:\APP\USERS\<username>\.

HTTP-PROT

User's access protocol [PLAIN: not encrypted; SSL: encrypted].

36.2.2. HTTP Virtual Root Paths Table

HTTP Virtual Paths Table specifies the association between virtual paths and their respective physical paths.

Virtual Paths can be added/set/displayed/cleared with the commands:

a/s/d/c http path:<virtual path> [phys-path:<physical path>]

The whole table can be shown with the following command. The table is empty by default:

[15:12:11] ABILIS_CPX:d http path

Parameter:  | Value:
------------+------------------------------------------------------------------
PATH:         /test/
PHYS-PATH:    c:\usr\pub\test\
-------------------------------------------------------------------------------
PATH:         /trfafiles/
PHYS-PATH:    c:\app\trfa\
-------------------------------------------------------------------------------

Type the below command to show a specific path:

[15:12:15] ABILIS_CPX:d http path:/test/

Parameter:  | Value:
------------+------------------------------------------------------------------
PATH:         /test/
PHYS-PATH:    c:\usr\pub\test\
-------------------------------------------------------------------------------

Meaning of the parameters:

PATH

Specifies a directory virtual path with UNIX notation. Virtual path / needs not to be specified because / does never refer to physical path, it is only the “container” of virtual paths. The maximum length is of 32 characters.

PHYS-PATH

Specifies a directory physical path, with DOS notation (it starts with the disk letter and it ends with the character \ ). The maximum length is of 128 characters.

36.2.3. HTTP Virtual Paths Access Rights Table

This table specifies the associations between virtual paths, users and their respective access rights.

Access rights for a specific virtual path can be added/set/displayed/cleared with the following commands.

a http rights path:<virtual path> | id:<id>

adds the path only.

a http rights path:<virtual path> | id:<id> [user:<user> file:<file rights> dir:<dir rights> recur:yes|no mode:plain,ssl]

adds user and path.

s http rights path:<virtual path> | id:<id> user:<user> [file:<file rights> dir:<dir rights> recur:yes|no mode:plain,ssl]

sets rights and other parameters for an already existent user.

c http rights path:<virtual path> | id:<id> user:<user>

deletes an existing user; if the user is the last one the path is not deleted.

d http rights

displays rights summary.

d http rights path:<virtual path> | id:<id>

displays rights for a specific path.

d http rights user:<user>

displays rights which a user has on all paths; the paths for which the user is not defined are skipped.

[Tip]Tip

Access rights for a specific virtual path can be added/set/displayed/cleared specifying the path or the id: the following commands are equivalent.

[12:14:07] ABILIS_CPX:_d http rights id:1

-------------------------------------------------------------------------------
ID: PATH:
       USER:                            FILE: DIR:  RECUR: PROT:
-------------------------------------------------------------------------------
  1 /sys/
       admin                            r---  l---  YES    PLAIN,SSL
       test2                            r---  l---  YES    PLAIN,SSL
-------------------------------------------------------------------------------

[12:14:17] ABILIS_CPX:_d http rights path:/sys/

-------------------------------------------------------------------------------
ID: PATH:
       USER:                            FILE: DIR:  RECUR: PROT:
-------------------------------------------------------------------------------
  1 /sys/
       admin                            r---  l---  YES    PLAIN,SSL
       test2                            r---  l---  YES    PLAIN,SSL
-------------------------------------------------------------------------------

An example of the output is shown below (by default the table contains the following entries):

[17:54:31] ABILIS_CPX:d http rights

-------------------------------------------------------------------------------
ID: PATH:
       USER:                            FILE: DIR:  RECUR: PROT:
-------------------------------------------------------------------------------
  1 /sys/
       admin                            r---  l---  YES    PLAIN,SSL
-------------------------------------------------------------------------------
  2 /sys/pub/
       anonymous                        r---  ----  YES    PLAIN,SSL
-------------------------------------------------------------------------------

The rights are split in “file rights” and “directory rights” and are configured/viewed with two different parameters: FILE and DIR.

Table 36.1. FILE parameters values

RWDN
ReadWriteDeleteRename

Table 36.2. DIR parameters values

LCDN
ListCreateDeleteRename

The syntax is:

FILE:[+|-R][+|-W][+|-D][+|-N] DIR:[+|-L][+|-C][+|-D][+|-N]

  • The + sets granted right.

  • The - sets denied right.

  • If + or - is not specified, the value + is assumed, so it may be omitted.

  • Not specified right is left unchanged.

  • FILE and DIR values do not care of the characters' position.

  • FILE and DIR values are case insensitive.

The following commands are equivalent:

  1. S HTTP RIGHTS PATH:/ USER:test FILE:+R+W+D+N

    S HTTP RIGHTS PATH:/ USER:test FILE:rwdn

    S HTTP RIGHTS PATH:/ USER:test FILE:NdwR

  2. S HTTP RIGHTS PATH:/ USER:test FILE:+D-N

    S HTTP RIGHTS PATH:/ USER:test FILE:D-N

    S HTTP RIGHTS PATH:/ USER:test FILE:-ND