Re: [mod-security-users] Fwd: Re: filtering based on uname
Brought to you by:
victorhora,
zimmerletw
From: Ivan R. <iva...@gm...> - 2006-06-26 09:08:02
|
On 6/23/06, Kim <kim...@ya...> wrote: > Currently I am using 1.x, Is 2.x stable ? Not yet. > I am very newbie, where would I get the uname of the web application (from > which variable in the predefined variables provided in the mod_security) > compare it with joedoe, who is allowed or not allowed access to particular > URL form submission ? I am not sure I understand. Which "uname" are we talking about? In 1.x you can use the username obtained from HTTP authentication. In 2.x it is possible to teach ModSecurity how to recognise which user is logged-in into the application, so you could use that too. -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall |