Access control groups provide a way to specify what users and groups of users may apply which HTTP methods to URLs. Access control groups have names and coexist in a realm with groups and users.
HTTP:EXPORT-URL accepts two keyword arguments useful for controlling access to URLs to authenticated users only.
Here is an example of a definition that gives the group :users permission for the :HEAD and :GET methods. It also allows the user "frank" to use the :POST method. Capabilities should be defined using http:add-access-control-group.
(add-access-control-group :sample-capabilities
:sample-realm
:capabilities '((:head :users)
(:get :users)
(:post "frank")))
The :DEFAULT method is used to specify access to all HTTP methods not
otherwise specified in the capabilities alist. This example gives the :users
group access to all server methods.
(add-access-control-group :sample-permissions
:sample-realm
:capabilities '((:default :users)))
The :DEFAULT method can be used in conjunction with null values for other
methods to prevent all access to those methods. The following example gives
"frank" access to all methods except :delete.
(add-access-control-group :sample-permissions
:sample-realm
:capabilities '((:delete)
(:default "frank")))
Back to CL-HTTP Authentication