Table of Contents
Advertisement
Access Control Files
How Does Access Control Work?
268 Getting Results with Novell Web Services
When you use access control on your Web server, the settings are stored in a
file with the extension .ACL. Access control files are stored in the directory
server_root/server_typeACL, where server-type is the name of the server.
The main ACL filename is GENERATED-HTTPS-server-id.ACL. The
temporary working file is called GENWORK-HTTPS-server-id.ACL. If you
use the Server Manager forms to restrict access, you'll have these two files.
However, if you want more complex restrictions, you can create multiple files
and reference them from the MAGNUS.CONF file. There are also a few
features available only by editing the files. For example, you can restrict
access to the server depending on the time of day or day of the week.
You also manually create and edit .ACL files if you want to customize access
control. For example, you might want to use an Oracle* or Informix* database
of users instead of an LDAP database. To do this type of customizing, you
need to use the access control API to program a hook into the server's access
control structure. This API is written in C. For more information on the API,
see the
Netscape DevEdge Online site
You can control access to the entire server or to parts of the server (directories,
files, file types). When the server evaluates an incoming request, it determines
access based on a hierarchy of rules called access control entries (ACEs), and
then it uses the matching entries to determine if the request is allowed or
denied. Each ACE specifies whether or not the server should continue to the
next ACE in the hierarchy. The collection of ACEs is called an access control
list (ACL).
When a request comes in to the server, the server looks in OBJ.CONF for a
reference to an ACL, which is then used to determine access. By default, the
server has one ACL file that contains multiple ACLs.
For example, suppose someone requests the following URL:
http://www.novell.com/my_stuff/web/presentation.html
The server would first check access control for the entire server. If the ACL
for the entire server was set to continue, the server checks to see if there is an
ACL for the file type .HTML. Then it checks for an ACL for the directory
MY_STUFF. If one exists, it checks the ACE and then moves on to the next
directory. The server continues traversing the path either until it reaches an
(http://developer.netscape.com).
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Novell NETWARE 6-DOCUMENTATION
Related Products for Novell NETWARE 6-DOCUMENTATION
- NOVELL SENTINEL 6.1 SP1 HOTFIX 2 - READ ME 9-2009
- NOVELL SENTINEL 6.1.1.0 - README
- NOVELL SENTINEL RAPID DEPLOYMENT 6.1 - 12-2009
- NOVELL SENTINEL RAPID DEPLOYMENT 6.1 - 06-15-2009
- NOVELL ZENWORKS PATCH MANAGEMENT 6.3 - S
- NOVELL ZENWORKS PATCH MANAGEMENT 6.4 - S
- NOVELL ZENWORKS PATCH MANAGEMENT 6.4 - AGENT
- Novell Sentinel Rapid Deployment 6.1