Links with authentication

You can include credentials in a link. Your options are:

• use standard URL with the form http://USERNAME:PASSWORD@yourIpOrDomain/someFolder/

  This is a good option if you want to point to single files, and/or use command-line tools like curl or wget. Be sure you are using https because otherwise your password can be easily read by techies. It's not working with folders, because of the way modern browsers work. (they don't send credentials at first, but require the server to respond with "basic" authentication, that is incompatible with HFS' own safer authentication (unless you are using a legacy browser)

• use this form http://yourIpOrDomain/someFolder/?login=USERNAME:PASSWORD

  Not standard, but a good alternative.

Be sure you are using https because, in both cases, your password can be easily read by techies.

Disabled accounts

What happens when you disable an account?

• if a user is disabled, it cannot log in
• if all the groups of a user are disabled, then it cannot log in (even if the user itself is not disabled)
• a user won't inherit permissions from a group if this group is disabled

Groups

Important facts:

• an account can be member of multiple groups;
• a group can be member of another group.

Trivia

While the interface displays groups and users, HFS internally treats groups as accounts without passwords, making them unable to log-in; internally, there is no distinct group entity. This means that, technically, any account can belong to another, user or group. HFS only utilizes password authentication during login, and disregards it when managing memberships. While the interface won't allow it, you could make a user member of another user by editing the config file.