Access Control Module
The Access Control module allows Administrators to limit website access to users signed into a service via Terminalfour Groups.
You can download the Access Control Module here (authentication required).
About Access Control
Access Control works by checking a parameter supplied to the script via the user's sign-in service against the permitted Groups in Terminalfour. Access Control currently supports 3 types of sign-in mechanism:
- Central Authentication Service (CAS) - User groups are retrieved using the PHP CAS API
- Server Variables - User groups are retrieved from a _SERVER variable, generally set by a sign-in service such as SAML2
- Terminalfour - User groups are retrieved from a Terminalfour user account using the Terminalfour Web Services API
When authentication is configured for Single Sign-On (e.g. CAS or SAML), the Terminalfour Group names should match the names that are returned by Single Sign-On for the logged-in user's Group(s). In this case, the Terminalfour Groups are used as a string match for the SSO groups and do not need to contain the users.