Users
|
1. Anyone — No authentication.
Grants access to everyone.
2. All in the Auth DB — Grants
access to all users specified in the authentication database.
3. Only the following in the Auth DB —
Restrict access to selected users from the authentication DB.
You can query the authentication DB based on common attributes like
First name, Last name and Email address.
|
From Host
|
You can restrict access to the Administration Server or your web site
based on which computer the request comes from.
If you select the Only from option, enter a wildcard pattern or a comma-separated
list in the Host Names or IP Addresses fields. Restricting by hostname is
more flexible than by IP address: if a user’s IP address changes, you
won’t need to update this list. Restricting by IP address, however,
is more reliable: if a DNS lookup fails for a connected client, hostname restriction
cannot be used.
You can only use the * wildcard notation for wildcard
patterns that match the computers’ host names or IP addresses. For example,
to allow or deny all computers in a specific domain, you will enter a wildcard
pattern that matches all hosts from that domain, such as *.sun.com.
You can set different hostnames and IP addresses for superusers accessing
the Administration Server.
For hostnames, the * must replace an entire component
of the name. That is, *.sun.com is acceptable, but *users.sun.com is not. When the * appears in a hostname, it
must be the left-most character.
For the IP address, the * must replace an entire
byte in the address. For example, 198.95.251.* is acceptable,
but 198.95.251.3* is not. When the * appears
in an IP address, it must be the right-most character. For example, 198.* is acceptable, but not 198.*.251.30.
|
Rights
|
Access rights restrict access to files and directories on your web site.
In addition to allowing or denying all access rights, you can specify a rule
that enables or denies
partial access rights. For example, you allow users read-only access rights
to your files, so they can view the information, but not change the files.
|
Continue
|
The server goes through the list of access control expressions (ACEs)
to determine the access permissions. For example, the first ACE is usually
to deny everyone. If the first ACE is set to “continue,” the server
checks the second ACE in the list, and if it matches, the next ACE is used.
If continue is not checked, everyone will be denied
access to the resource. The server continues down the list until it reaches
either an ACE that doesn’t match, or that matches but is set to not
continue. The last matching ACE determines if access is allowed or denied.
|