Netscape ENTREPRISE SERVER 6.0 - ADMINISTRATOR Administrator's Manual page 170

How Access Control Works
# in the username and password dialog box in the client's
# browser.
acl
"path=/export/user/990628.1/docs/my_stuff/web/presentation.html"
;
authenticate (user,group) {
};
deny (all)
(user = "anyone" or group = "my_group");
allow (all)
(user = "SpecificMemberOfGroupB") and
(ip = "208.12.54.76");
# The following ACL rule denies everyone not in the directory
# server and everyone in the directory server except for
# GroupA and GroupB access to the directory "my_stuff"
acl "path=/export/user/990628.1/docs/my_stuff/";
authenticate (user,group) {
};
deny (all)
(user = "anyone");
allow (read,execute,list,info)
(group = "GroupA,GroupB");
For example, if a user requests the URL:
http:// server_name /my_stuff/web/presentation.html
Enterprise Server would first check access control for the entire server. If the ACL
for the entire server was set to continue, the server would check for an ACL for the
directory
and then moves on to the next directory. This process continues until an ACL is
found that denies access, or until the final ACL for the requested URL (in this case,
the file
To set up access control for this example using the Server Manager, you could
create an ACL for the file only, or for each resource leading to the file. That is, one
for the entire server, one for the
directory, and one for the file.
170 Netscape Enterprise Server Administrator's Guide • November 2001
database = "default";
method = "basic";
prompt = "Presentation Owner";
database = "default";
method = "basic";
. If an ACL exists, the server checks the ACEs within the ACL,
my_stuff
) is reached.
presentation.html
directory, one for the
my_stuff my_stuff/web