You can use uniqueattr to specify any attribute that will return a single entry
when the LDAP server is queried. If a query returns multiple entries, the
authentication will fail.

When you use an alternative attribute for user authentication, you can still use
normal syntax in your ACL entries unless the LDAP entry returned by a query will
include spaces (for example, user = "John Doe"). To accommodate entries with
spaces, specify each user entry separately, using or as a delimiter. For example, to
allow access for users identified by the cn values John Doe and Jane Doe, your
ACL would look like this:

acl "default";
authenticate (user,group) {
    database = "default";
    method = "basic";
    prompt = "Netscape Enterprise Server";
};
deny (read,execute,list,info)
    (user = "anyone");
allow (all)
    (user = "John Doe" or user = "Jane Doe");

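A pre-deployment check for the two points above, as an added example that is not part of the original manual: it finds values of a candidate uniqueattr that more than one entry shares (a login with such a value would fail) and builds the or-delimited user expression for names that contain spaces. The LDIF sample, the dc=example,dc=com names and all function names are constructed for illustration, and case-insensitive comparison assumes the standard LDAP schema for cn.

```python
import re
from collections import defaultdict

# Constructed sample directory export (simplified LDIF); not real data.
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=People,dc=example,dc=com
cn: John Doe
mail: jdoe@example.com

dn: uid=jadoe,ou=People,dc=example,dc=com
cn: Jane Doe
mail: jadoe@example.com

dn: uid=jdoe2,ou=People,dc=example,dc=com
cn: john doe
mail: jdoe2@example.com
"""

def parse_entries(ldif):
    """Split simplified LDIF (no folding, no base64) into attr -> [values] dicts."""
    entries = []
    for block in re.split(r"\n\s*\n", ldif.strip()):
        entry = defaultdict(list)
        for line in block.splitlines():
            name, sep, value = line.partition(":")
            if sep:
                entry[name.strip().lower()].append(value.strip())
        entries.append(entry)
    return entries

def ambiguous_values(entries, attr):
    """Values of attr (compared case-insensitively) held by more than one entry."""
    owners = defaultdict(list)
    for entry in entries:
        for value in entry.get(attr.lower(), []):
            owners[value.lower()].append(entry["dn"][0])
    return {v: dns for v, dns in owners.items() if len(dns) > 1}

def acl_user_expr(values):
    """One quoted user term per value, joined with "or", as in the ACL above."""
    for value in values:
        if '"' in value:
            raise ValueError(f"cannot quote {value!r} in an ACL user term")
    return "(" + " or ".join(f'user = "{v}"' for v in values) + ")"

if __name__ == "__main__":
    people = parse_entries(SAMPLE_LDIF)
    print({a: ambiguous_values(people, a) for a in ("cn", "mail")})
    print(acl_user_expr(["John Doe", "Jane Doe"]))
```

In the constructed sample, cn is shared by two entries while mail is unique, so mail is the safer choice for uniqueattr in that directory.
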
Other Authentication

You can create a custom authentication method using the Access Control API.

Setting Access Control for Host-IP

You can limit access to the Administration Server, or the files and directories on
your web site by making them available only to clients using specific computers.
You specify hostnames or IP addresses for the computers that you want to allow or
deny. You can use wildcard patterns to specify multiple computers or entire
networks. Access to a file or directory using Host-IP authentication appears
seamless to the user. Users can access the files and directories immediately without
entering a username or password.

Since more than one person may use a particular computer, Host-IP authentication
is more effective when combined with User-Group authentication. If both methods
of authentication are used, a username and password will be required for access.