Sun Java System Web Server 6.1 SP9 Administrator's Guide

Restricting Access Based on Time of Day

You can restrict write and delete access to the server during specified hours or on specified days. You might use this option to prevent people from publishing documents during working hours when people might be accessing the files.

To limit access based on time of day, complete the following task:

ProcedureTo limit access based on time of day

  1. Use the Server Manager to select the server instance.

  2. Choose the Preferences tab.

  3. Click the Restrict Access link.

  4. Select the entire server from the drop-down list in Pick a Resource and click Edit Access Control.

  5. Create a new rule allowing read and execute rights to all.

    If a user wants to add, update, or delete a file or directory, this rule will not apply and the server searches for another rule that matches.

  6. Create another new rule denying write and delete rights to all.

  7. Click X link to create a customized expression.

  8. Enter the days of the week and the times of day to be allowed.

    For example:


    user = "anyone" anddayofweek = "sat,sun" or(timeofday >= 1800 andtimeofday <= 600)

    The message “Unrecognized expressions” is displayed in the Users/Groups and From Host fields when you create a custom expression.

  9. Submit and Apply your changes.

    Any errors in the custom expression will generate an error message. Make corrections and submit again.

ProcedureTo restrict access based on security

As of Sun Java System Web Server 6.1 you can configure SSL and non-SSL listen sockets for the same server instance. Restricting access based on security allows you to create protection for resources that should only be transmitted over a secure channel.

To limit access based on security, using the steps described for setting access control for a server instance, you would:

  1. Use the Server Manager to select the server instance.

  2. Choose the Preferences tab.

  3. Click the Restrict Access link.

  4. Select the entire server from the drop-down list in Pick a Resource and click Edit Access Control.

  5. Create a new rule allowing read and execute rights to all.

    If a user wants to add, update, or delete a file or directory, this rule will not apply and the server will searches for another rule that matches.

  6. Create a new rule denying write and delete rights to all.

  7. Click X link to create a customized expression.

  8. Enter ssl=”on”.

    Example:


    user = "anyone" and ssl=”on”
  9. Submit and Apply your changes.

    Any errors in the custom expression generates an error message. Make the necessary corrections and submit your changes again.