Restricting Server Access

You can control access to the entire server or to parts of it (that is, directories, files, file types). When the server evaluates an incoming request, it determines access based on a hierarchy of rules called access-control entries (ACEs), and then it uses the matching entries to determine if the request is allowed or denied. Each ACE specifies whether or not the server should continue to the next ACE in the hierarchy. The collection of ACEs is called an access-control list (ACL). When the server requires a request, it looks in the vsclass.obj.conf file (where vsclass is the virtual server class name) for a reference to an ACL, which is used to determine access. By default, the server has one ACL file that contains multiple ACLs.

You can configure access control globally for all servers through the Administration Server or for a resource within a specific server instance through the Server Manager. For more information about configuring access control for a resource, see Setting Access Control.

You must enable distributed administration before you can restrict access to the server.

To restrict access to your Sun Java System web server

1. Access the Administration Server and choose the Global Settings tab.

2. Click the Restrict Access link.

3. Select the desired server and click Create ACL.

   The Administration Server displays the access control rules for the server you specified.

4. Make the desired access control changes and click OK.

5. For more information, see the Restrict Access page in the online help.