Table of Contents
Advertisement
SSL requires the user to have a client certificate. The web server must have
encryption turned on, and the user's certificate issuer must be in the list of trusted
CAs to be authenticated.
By default, the server uses the Basic method for any ACL that doesn't specify a
method. Your server's authentication database must be able to handle digest
authentication sent by a user.
Each authenticate line must specify what attribute (users, groups, or both users and
groups) the server authenticate. The following authentication statement, which
would appear after the ACL type line, specifies basic authentication with users
matched to individual users in the database or directory:
authenticate (user) {
method = "basic";
};
The following example uses SSL as the authentication method for users and
groups:
authenticate (user, group) {
method = "ssl";
};
The following example allows any user whose username begins with the letters
:
sales
authenticate (user)
allow (all)
user = sales*
If the last line was changed to
group attribute is not authenticated.
Authorization Statements
Each ACL entry can include one or more authorization statements. Authorization
statements specify who is allowed or denied access to a server resource. Use the
following syntax when writing authorization statements:
allow|deny [absolute] (right[,right...]) attribute expression;
Start each line with either allow or deny. It's usually a good idea to deny access to
everyone in the first rule and then specifically allow access for users, groups, or
computers in subsequent rules. This is because of the hierarchy of rules. That is, if
you allow anyone access to a directory called
, then the ACL would fail because the
group = sales
/my_stuff
ACL File Syntax
, and then you have a
Appendix C
ACL File Syntax
353
Advertisement
Table of Contents
Need help?
Do you have a question about the NETSCAPE ENTREPRISE SERVER 6.1 - 04-2002 ADMINISTRATOR and is the answer not in the manual?
Questions and answers