Sun Java System Web Server 6.1 SP11 Administrator's Guide

Creating an ACL for a Directory Service Based on Digest Authentication

The file authentication database also supports a file format suitable for use with digest authentication per RFC 2617. A hash based on the password and realm is stored. Clear text passwords are not maintained.

To create an ACL for a directory service based on digestauth-based authentication, perform the following steps:

ProcedureTo create an ACL for a directory service

  1. Access the Server Manager and select the server instance you wish to create or edit ACLs for.

  2. Choose the Preferences tab from the Server Manager.

  3. Click the Restrict Access link.

  4. Under the Option column, choose the ACL file from the drop-down list and click Edit ACL.

  5. In the Access Control Rules page in the top frame, click the Users/Groups link for the ACL you want to edit.

  6. In the User/Group page in the bottom frame, from the Authentication database drop-down list, select digest.

  7. Click Update.

    When you set an ACL against a digestauth-based file authentication database, the dbswitch.conf file is updated with an ACL entry such as the sample entry given below:


    version 3.0;
      acl "default";
      authenticate (user) {
      prompt = "filerealm";
      database = "mydigestfile";
      method = "digest";
      };
    deny (all) user = "anyone";
    allow (all) user = "all";