The web services homepages.inf.ed.ac.uk and groups.inf.ed.ac.uk are configured to support our local Cosign (weblogin.inf) authentication service.
See - https://computing.help.inf.ed.ac.uk/cosign
Both services also have an "EASE" (now Your University Login) aware version.
The EASE configured services are called ease.homepages.inf.ed.ac.uk and ease.groups.inf.ed.ac.uk.
In the documentation and example below, the ease.homepages.inf site is used, but the same applies to ease.groups.inf
Not everyone automatically has an ease.homepages.inf.ed.ac.uk/UUN/ URL.
You need to request (via the support form) that the ease. version of your URL be activated.
Other than the server name, and the EASE configuration, the services are identical to their non-EASE versions.
The following shows an example for someone who's UUN = abc.
If you want to make homepages.inf.ed.ac.uk/abc/restricted/ only available to any EASE authenticated user (essentially anyone in the University). Then first you'd request that the ease.homepages URL for you be enabled.
Once that has been done and ease.homepages.inf.ed.ac.uk/abc/ activated, then *all content* that is accessible via homepages.inf.ed.ac.uk/abc/ will now also be available via the ease.homepages.inf.ed.ac.uk/abc/ URL too. See later some implications of this.
In the "abc/restricted/" directory, create or add the following to the .htaccess file.
CosignProtected On CosignRequireFactor EASE.ED.AC.UK AuthType Cosign Require valid-user
From now on, people visiting ease.homepages.inf.ed.ac.uk/abc/restricted/ will be asked to login via EASE if they have not already done so.
Important things to consider
In the above example, someone visiting the URL
homepages.inf.ed.ac.uk/abc/restricted/
(no "ease." prefix) would never be able to satisfy the authentication requirements. This is because they would be using our Informatics Cosign (weblogin), and that gives users the INF.ED.AC.UK factor, not the EASE one.
If you want both the "ease." and non-ease versions of the URL above to work, then the "CosignRequireFactor" line should have no arguments.
If homepages.inf.ed.ac.uk/abc/inf-only/ previously existed, with just
CosignProtected On AuthType Cosign Require valid-user
Which would previously have meant that only local Cosign logins were able to access the location. Now by visiting the ease equivalent URL, ie ease.homepages.inf.ed.ac.uk/abc/inf-only/ it would actually allow any member of the University to access it.
So you should always be explicit in your .htaccess file, about who should be able to authenticate to the content.