When an authenticated transfer has been performed, the
following permission information will be provided.
AUTH This value is true or
match if an authenticated
request was received.
AUTHTYPE=authtype This has the value of the authtype field in the authentication
request.
AUTHUSER=userinfo This is the AUTHUSER information provided by the
authentication protocol, and is usually the originating
user's identification.
AUTHFROM=frominfo This is the AUTHUSER information provided by the
authentication protocol, and is usually the originating
system (user or lpd server) identification.
AUTHSAMEUSER This item has effect only when checking
jobs in a spool queue. The AUTHUSER information from the request is
compared to the AUTHUSER
information from the request that created a job. If they
are identical, the match succeeds.
AUTHJOB This item has effect only when checking jobs
in a spool queue. If the job was transfered using an
authentication protocol the match succeeds.
For example, to reject non-authenticated operations, the
following line could be put in the permissions file.
REJECT NOT AUTH
If a remote server has id information FFEDBEEFDEAF, then
the following will accept only forwarded jobs from this
server.
ACCEPT AUTH AUTHFROM=FFEDBEEFDEAF
REJECT AUTH
REJECT NOT AUTH
To allow only authenticated users to remove jobs you can
use:
ACCEPT AUTH SERVICE=R,M,L,P AUTHSAMEUSER
REJECT AUTH
REJECT NOT AUTH