Forum OpenACS Q&A: Re: Restrict access to a package based on IP address range?
I took a look in /packages/acs-subsite/tcl/acs-subsite-init.tcl but all the code is commented out. /tcl/0-acs-init.tcl doesn't have any filters either. Is there another place to put filters?
ad_register_filter -critical t -debug t postauth * /foo/* my_access_control_proc
Note that in my case the URLs I was dealing with were not
part of any OpenACS package, so the
my_access_control_proc above was doing a big nasty query
implementing all the different access control rules (IP based, OpenACS
user/group based, etc.) at once. If the query said access is
approved, the proc just returns
filter_ok. If query said
denied, send a nice templated access denied yada yada page to the
user, and return
You'll probably also want to cache the results of that access control proc for a limited time with util_memoize, but you can worry about that later once you have it working.