For the most part, as soon as you put an HTML file in your project directory, anyone anywhere on the web can access it if they know its address (URL). If you need to restrict access to your web pages, the following options are available:
Restriction by client location
On www.med.umich.edu, access to pages can be restricted based on where the machine running the web browser is located. The basic categories are: Internal (also known as " the intranet "), meaning the pages can be accessed from any machine on the UMHS network (which includes machines accessing from remotes sties and using VPN software); and External, meaning the pages can be accessed by any computer anywhere.
To make a web page viewable only by those on the UMHS network, your project directory must be in the "i" directory on the MEDINFO server. The resulting URL for your file will be http://www.med.umich.edu/i/yourdirectory/yourfile.htm . Note that this means that anyone at such a workstation can access these internal pages; a signon and password is not required (other than when initially signing on to the computer, if that is required), so this method should never be used to protect information that is very sensitive, such as patient information or social security numbers.
To make a web page viewable only by those using UM workstations you must place your HTML file in your project directory within the "u" directory on the MEDINFO server. The resulting URL for your file will be http://www.med.umich.edu/u/yourdirectory/yourfile.htm . Note that this means that anyone at such a workstation can access these internal pages; a signon and password is not required so this method should not be used to protect information that is very sensitive such as patient information or social security numbers.
If you don't have access to the "i" or "u" directory on MEDINFO or can't find your assigned project directory in the "i" directory, contact MCIT at 936-8000.
Restriction by Uniqnames and Kerberos Passwords
MCIT currently doesn't provide this service for files stored on its web servers, but if you want this capability you have at least two options:
- Information Technology Central Services' web services. (You can continue to keep any unrestricted pages on MCIT webservers.) See Restrict Access to Web Pages Using umich uniqnames and Kerberos Passwords for more information.
- U-M's SiteMaker system offers the ability to restrict access to Web sites by Uniqname and Kerberos password, and also by user-chosen IDs and passwords (useful when you'd like people outside U-M to be able to access restricted portions of your site). Again, you can continue to keep any unrestricted pages on MCIT webservers.