45.2. HTTP tables

The Abilis implements an access control system based on:

45.2.1. Users table

Users can access to HTTP server only if they're enabled to HTTP service (parameter HTTP set tot YES).

[16:50:04] ABILIS_CPX:d user
------------------------+-------------+----------------------------------------
USER             PWD ACT|CTIP CLUS    |CHAT LDAP PPP FTP HTTP MAIL IAX SIP VO
------------------------+-------------+----------------------------------------
admin            *** YES #    #        NO   YES  YES YES YES  NO   NO  NO  NO
guest                NO  #    #        NO   NO   NO  NO  NO   NO   NO  NO  NO
httpuser         *** YES #    #        NO   NO   NO  NO  YES  NO   NO  NO  NO

To show the detailed user configuration parameters, type the command d user:<username>.

[16:50:06] ABILIS_CPX:d user:httpuser

Parameter:          | Value:
--------------------+----------------------------------------------------------
USER:                 httpuser
REAL-NAME:            httpuser
ID:                   9             <Read Only>
PWD:                  ***
ACT:                  YES                                          
CP-LEVEL:             NO                                           
SSH-IP-PERMIT:        *
TELNET-IP-PERMIT:     *
CTI-ROLE:             EXTENSION
GROUP:                
CTIP:                 #
CTIP-CDI-PERMIT:      *
CLUS:                 #
CLUS-CDI-PERMIT:      *
ADDRBOOK-SYNC:        SYS                                          
ADDRBOOK-NUMBER:      AUTO                                         
ADDRBOOK-OUTDIAL:     NONE                                         
ADDRBOOK-PRIV-MAX:    SYS
ADDRBOOK-PUB-EDITABLE:SYS                                          
IO-MAP:               #
OPC-ROLE:             USER
OPC-VIEW:             *
OPC-HIDE-NUMBERS:     NO
OPC-MONITOR:          SIP
OPC-PRIVACY:          NO
CHAT:                 NO    
CHAT-USER:            SYS
CHAT-PWD:             SYS
HTTP:                 YES
HTTP-LEVEL:           BASIC
HTTP-HOME-URL:        
HTTP-PROT:            PLAIN,SSL
-------------------------------------------------------------------------------
[Tip]Tip

Interesting chapter: Section 6.9, “Users Table”.

Meaning of the parameters:

HTTP

Enable/disable HTTP for this user [NO, YES].

HTTP-LEVEL

Role of the user which determines the degree of detail of the web interface [BASIC, ADVANCED, MANAGER, ADMINISTRATOR].

HTTP-HOME-URL

User home page URL. SYS or max 128 ASCII characters. Spaces require double quotes (e.g.: "/My url/my page.htm").

  • If it's empty: the homepage is the default.

  • When "SYS", the homepage URL is "/sys/user/sharedhome/home.html" and "home.html" file will be loaded from PUB\HOME. But if a file named "home.html" is found in the subdirectory HOME of HTTP working directory (e.g. C:\APP\HTTP\HOME\), this one will be loaded.

  • The pages that are under the virtual path "/sys/user/home/" will be loaded from to the user directory C:\APP\USERS\<username>\. Example: HTTP-HOME-URL:/sys/user/home/my_home_page.html will load the file C:\APP\USERS\<username>\my_home_page.html.

  • When is set to any other URL, the HTTP server will try to resolve and open it (e.g. HTTP-HOME-URL:http://ilmeteo.it/).

HTTP-PROT

HTTP protocol [PLAIN: not encrypted; SSL: encrypted]. Values can be joined using ',' character.

45.2.2. HTTP Virtual Root Paths Table

HTTP Virtual Paths Table specifies the association between virtual paths and their respective physical paths.

Virtual Paths can be added/set/displayed/cleared with the commands:

a/s/d/c http path:<virtual path> [phys-path:<physical path>]

The whole table can be shown with the following command. The table is empty by default:

[15:12:11] ABILIS_CPX:d http path

Parameter:  | Value:
------------+------------------------------------------------------------------
PATH:         /test/
PHYS-PATH:    c:\usr\pub\test\
-------------------------------------------------------------------------------
PATH:         /trfafiles/
PHYS-PATH:    c:\app\trfa\
-------------------------------------------------------------------------------

Type the below command to show a specific path:

[15:12:15] ABILIS_CPX:d http path:/test/

Parameter:  | Value:
------------+------------------------------------------------------------------
PATH:         /test/
PHYS-PATH:    c:\usr\pub\test\
-------------------------------------------------------------------------------

Meaning of the parameters:

PATH

Virtual root path. Max 32 chars. Spaces require double quotes (E.g. "/My dir/")

PHYS-PATH

Physical path. Full path with drive letter ['C'..'Z'] terminated by '\'. Max 128 chars. Spaces require double quotes (E.g. "C:\My dir\").

45.2.3. HTTP Virtual Paths Access Rights Table

This table specifies the associations between virtual paths, users and their respective access rights.

Access rights for a specific virtual path can be added/set/displayed/cleared with the following commands.

a http rights path:<virtual path> | id:<id>

Adds the path only.

a http rights path:<virtual path> | id:<id> [user:<user> file:<file rights> dir:<dir rights> recur:yes|no mode:plain,ssl]

Adds user and path.

s http rights path:<virtual path> | id:<id> user:<user> [file:<file rights> dir:<dir rights> recur:yes|no mode:plain,ssl]

Sets rights and other parameters for an already existent user.

c http rights path:<virtual path> | id:<id> user:<user>

Deletes an existing user; if the user is the last one the path isn't deleted.

d http rights

Displays rights summary.

d http rights path:<virtual path> | id:<id>

Displays rights for a specific path.

d http rights user:<user>

Displays rights which a user has on all paths; the paths for which the user isn't defined are skipped.

[Tip]Tip

Access rights for a specific virtual path can be added/set/displayed/cleared specifying the path or the id: the following commands are equivalent.

[12:14:07] ABILIS_CPX:d http rights id:1

-------------------------------------------------------------------------------
ID: PATH:
       USER:                            FILE: DIR:  RECUR: PROT:
-------------------------------------------------------------------------------
  1 /sys/
       admin                            r---  l---  YES    PLAIN,SSL
       test2                            r---  l---  YES    PLAIN,SSL
-------------------------------------------------------------------------------

[12:14:17] ABILIS_CPX:d http rights path:/sys/

-------------------------------------------------------------------------------
ID: PATH:
       USER:                            FILE: DIR:  RECUR: PROT:
-------------------------------------------------------------------------------
  1 /sys/
       admin                            r---  l---  YES    PLAIN,SSL
       test2                            r---  l---  YES    PLAIN,SSL
-------------------------------------------------------------------------------

An example of the output is shown below (by default the table contains the following entries):

[17:54:31] ABILIS_CPX:d http rights

-------------------------------------------------------------------------------
ID: PATH:
       USER:                            FILE: DIR:  RECUR: PROT:
-------------------------------------------------------------------------------
  1 /sys/
       admin                            r---  l---  YES    PLAIN,SSL
-------------------------------------------------------------------------------
  2 /sys/pub/
       anonymous                        r---  ----  YES    PLAIN,SSL
-------------------------------------------------------------------------------

The rights are split in “file rights” and “directory rights” and are configured/viewed with two different parameters: FILE and DIR.

Table 45.1. FILE parameters values

RWDN
ReadWriteDeleteRename

Table 45.2. DIR parameters values

LCDN
ListCreateDeleteRename

The syntax is:

FILE:[+|-R][+|-W][+|-D][+|-N] DIR:[+|-L][+|-C][+|-D][+|-N]

  • The + sets granted right.

  • The - sets denied right.

  • If + or - isn't specified, the value + is assumed, so it may be omitted.

  • Not specified right is left unchanged.

  • FILE and DIR values do not care about the characters' position.

  • FILE and DIR values are case insensitive.

The following commands are equivalent:

  1. S HTTP RIGHTS PATH:/ USER:test FILE:+R+W+D+N

    S HTTP RIGHTS PATH:/ USER:test FILE:rwdn

    S HTTP RIGHTS PATH:/ USER:test FILE:NdwR

  2. S HTTP RIGHTS PATH:/ USER:test FILE:+D-N

    S HTTP RIGHTS PATH:/ USER:test FILE:D-N

    S HTTP RIGHTS PATH:/ USER:test FILE:-ND