Hello All

Is it possible to secure Apache while still using aliases to pass files.

I have a OES Linux Quickfinder server setup with LUM and have used NFS to
mount my Novell cluster volumes locally for indexing.

searches are secured with Authorization and the resulting files can be
returned because I have used aliases in QFSrchApache.conf.

the problem is that if I change the url I can get to any file I wish even
if I do not own it ie..

log in as user1
user1 could type
and retrieve the file.

this is because apache can see and return from the nfs mount.

can Apache be secured with something like mod_access to check nds rights to
the file and return the file if authorised

I could change the 'Corresponding URL prefix' to file://... but I would
then need to be onsite to have a file returned.

the Novell site makes sure someone is authorised before a file can be
downloaded so it must be possible, can anyone share there experiences with
this issue and any possible solutions to this problem.