An access control mechanism controls which clients or applications have access to the X11 server. Only properly authorized clients can connect to the server. All other clients are denied access, and are terminated with the following error message.
Xlib: connection to hostname refused by server Xlib: Client is not authorized to connect to server
The connection attempt logs to the server console as:
AUDIT: <Date Time Year>: X: client 6 rejected from IP 18.104.22.168 port 3485 Auth name: MIT-MAGIC-COOKIE-1
Two different types of access control mechanisms are used: user based and host based. That is, one mechanism grants access to a particular user's account, while the other mechanism grants access to a particular host, or machine. Unless the -noauth option is used with Xsun, both the user-based access control mechanism and the host-based access control mechanism are active. For more information see Manipulating Access to the Server.
A user-based, or authorization-based, mechanism allows you to give access explicitly to a particular user on any host machine. The user's client passes authorization data to the server. If the data match the server's authorization data, the user is allowed access.
A host-based mechanism is a general-purpose mechanism. This type of mechanism enables you to give access to a particular host, in which all users on that host can connect to the server. A host-based mechanism is a weaker form of access control. If the host has access to the server, all users on that host are allowed to connect to the server.
The Solaris environment provides the host-based mechanism for backward compatibility.