Table of Contents
Advertisement
Host-IP Authentication
Controlling Access to Your Server Using Local Database or LDAP Modes 267
IMPORTANT:
If your server doesn't use SSL encryption, the username and
password that the end user types are sent unencrypted across the network.
Someone could intercept the network packets and read the username and
password being sent to the Web server. For this reason, User-Group authentication
is most effective when combined with SSL encryption, or Host-IP authentication, or
both.
Client Certificate Authentication
You can confirm users' identities with security certificates before giving the
users access to your Web site. You can do this in the following two ways:
The server can use the information in the certificate as proof of identity.
The server can verify the certificate itself, provided the certificates are
published in an LDAP directory.
When a request comes in and you have client authentication on, the server
performs these actions in the following order:
When the browser sends the certificate, the server checks if the certificate
is from a trusted certificate authority (CA). If not, the server ends the
transaction.
If the certificate is from a trusted CA, the server maps the certificate to a
user's entry using the CERTMAP.CONF file.
If the certificate maps correctly, then the Web server follows the ACL
rule, or command, specified for that user. The rule can deny or allow the
request.
You can limit access to files and directories on your Web site by making them
available only to people using specific computers. You specify hostnames or
IP addresses for the computers that you want to allow or deny. You can use
wildcard patterns to specify multiple computers or entire networks. If you
want to use Host-IP authentication, you must have DNS running in your
network and your computer must be configured to use it.
Users can access the files and directories immediately without entering a
username or password. If the computer doesn't have access, the user will get
a message denying access. You can also customize this message.
HINT:
It is possible for more than one person to have access to a computer. For
this reason, Host-IP authentication is most effective when combined with User-
Group authentication. If both methods of authentication are used, the end user will
have to enter a username and password before getting access.
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Novell NETWARE 6-DOCUMENTATION
Related Products for Novell NETWARE 6-DOCUMENTATION
- NOVELL SENTINEL 6.1 SP1 HOTFIX 2 - READ ME 9-2009
- NOVELL SENTINEL 6.1.1.0 - README
- NOVELL SENTINEL RAPID DEPLOYMENT 6.1 - 12-2009
- NOVELL SENTINEL RAPID DEPLOYMENT 6.1 - 06-15-2009
- NOVELL ZENWORKS PATCH MANAGEMENT 6.3 - S
- NOVELL ZENWORKS PATCH MANAGEMENT 6.4 - S
- NOVELL ZENWORKS PATCH MANAGEMENT 6.4 - AGENT
- Novell Sentinel Rapid Deployment 6.1