Restricting access to to a "group" of users
Strictly, Raven's job is just to identify who is sitting at the web browser. However, having done that it's clearly possible to use that identity to control access. How you do this will depend on how you are using Raven. If you are using the Apache module (mod_ucam_webauth) then you use the 'Require' directive to control access just as you do for any other Apache authentication method. For example
Require valid-user
grants access to anyone who can authenticate using Raven (roughly 'current staff and students of the University), while
Require jp335 jw35 fjc55
grants access to people who can authenticate as jp335 jw35 fjc55, and
AuthGroupFile /web/group Require group admin
grants access to people in the 'admin' group defined in the file /web/group. See the documentation for 'Require' and 'AuthGroupFile' and the mod_ucam_webauth documentation.