University of Michigan Health System

Public Relations & Marketing Communications

• Communication Plan Development
• Consumer Services
• Faculty & Staff Communications
• Marketing Communications
• Public Relations
• Referring Physician Services
• Tour & Event Planning
• Web Services
  • Development & Maintenance
  • Usage Statistics
  • Web Publishing @ UMHS
• Writing & Editorial Services

Restricting Access

For the most part, as soon as you put an HTML file in your project directory, anyone anywhere on the web can access it if they know its address (URL). If you need to restrict access to your web pages, the following options are available:

Restriction by client location

Access to pages can be restricted based on where the machine running the web browser is located. The basic categories are Internal (also known as " the intranet "), meaning "on the UM Campus (Note: as of 9/27/02, access to internal pages is limited to UMHS workstations) or dialing into a UMHS modem" , and External meaning "everywhere else".

To make a web page viewable only by those using UMHS workstations (which includes those dialing into the UMHS dedicated dial-in service but NOT those using UM dial-in services), you must place your HTML file in your project directory within the "i" directory on the MED-INFO server. The resulting URL for your file will be http://www.med.umich.edu/i/yourdirectory/yourfile.htm . Note that this means that anyone at such a workstation can access these internal pages; a signon and password is not required (other than when initially dialing into the UMHS modem), so this method should not be used to protect information that is very sensitive such as patient information or social security numbers.

To make a web page viewable only by those using UM workstations (which includes those dialing into the UMHS dedicated dial-in service but NOT those using UM dial-in services), you must place your HTML file in your project directory within the "u" directory on the MED-INFO server. The resulting URL for your file will be http://www.med.umich.edu/u/yourdirectory/yourfile.htm . Note that this means that anyone at such a workstation can access these internal pages; a signon and password is not required (other than when initially dialing into the UMHS modem), so this method should not be used to protect information that is very sensitive such as patient information or social security numbers.

If you don't have access to the "i" or "u" directory on MED-INFO or can't find your assigned project directory in the "i" directory, contact umhsweb.accounts@umich.edu .

Restriction by Uniqnames and Kerberos Passwords

MCIT currently doesn't provide this service for files stored on its web servers, but if you want this capability you have at least two options:

• Information Technology Central Services' web services. (You can continue to keep any unrestricted pages on MCIT webservers.) See ITD's document Restrict Access to Web Pages Using umich uniqnames and Kerberos Passwords for more information.
• U-M's SiteMaker system offers the ability to restrict access to Web sites by Uniqname and Kerberos password, and also by user-chosen IDs and passwords (useful when you'd like people outside U-M to be able to access restricted portions of your site). Again, you can continue to keep any unrestricted pages on MCIT webservers.

 

 

 

• U-M Medical School
• Hospitals & Health Centers
• U-M School of Nursing
• U-M
• TEXT-ONLY

University of Michigan Health System, 1500 E. Medical Center Drive Ann Arbor, MI 48109 734-936-4000
© copyright 2008 Regents of the University of Michigan / Developed & maintained by: Public Relations & Marketing Communications. Contact UMHS

The University of Michigan Health System Web site does not provide specific medical advice and does not endorse any medical or professional service obtained through information provided on this site or any links to this site. Complete disclaimer and Privacy Statement