Forum OpenACS Q&A: Re: Hosting a searchable mail archive

3: Re: Hosting a searchable mail archive (response to 2)

Posted by Robin Felix on 05/15/04 08:09 PM

My understanding of Static Pages is that the indexed content pages must be mounted under the <myserver>/www filesystem. This defeats the controls imposed by OACS groups -- once the URL is recovered, it allows access to the content without restriction.

I want to be able to restrict access to organization members, a group that changes from year to year, and I don't want others to be able to access the archives using a URL that bypasses OACS login security.

If there were a way to accomplish this with Static Pages, I would use it. Otherwise, I was hoping that a more robust OACS 5 Content Management application would do a better job.

4: Re: Hosting a searchable mail archive (response to 3)

Posted by Randy O'Meara on 05/15/04 08:50 PM

Robin,

I haven't done this, so I'm guessing that it will work. Somebody else pipe up if this is incorrect...

You can control access based on acs-subsite Application group membership.

My understanding is that you should be able to create a subsite (say, mlist), set it's join policy to closed, and mount a static pages instance under that subsite (say mlist/archive). You can control membership in the groups "mlist Administrators" and "mlist Members", created by the subsite instantiation code. If you already have a member group, you may be able to assign subsite permissions to that group, though I'm not certain.

You then should be able to create a directory "<acs root>/www/mlist/archives" and place your static content there.