Solaris X Window System Developer's Guide

Access Control Mechanisms

An access control mechanism controls which clients or applications have access to the OpenWindows server. Only properly authorized clients can connect to the server. All unauthorized X clients terminate with the following error message:


connection to hostname refused by server Xlib:

Client is not authorized to connect to


The server console displays the following message:


<Date Time Year>: X: client

6 rejected from IP port

3485 	Auth name:


The two types of access control mechanisms are: user-based and host-based. Unless the -noauth option is used with openwin, both the user-based access control mechanism and the host-based access control mechanism are active. See Manipulating Access to the Server for more information.


A user-based, or authorization-based mechanism allows you to give access explicitly to a particular user on any host. The user's client passes authorization data to the server. If the data matches the server's authorization data, the user obtains access.


A host-based mechanism is a general purpose mechanism. It allows you to give access to a particular host, such that all users on that host can connect to the server. This is a weak form of access control; if a host has access to the server, all users on that host can connect to the server.

The Solaris environment provides the host-based mechanism for backward compatibility. Applications linked with a version of Xlib older than OpenWindows Version 2 or X11R4 do not recognize the new user-based access control mechanism. To enable these applications to connect to the server, a user must either switch to the host-based mechanism, or relink with the newer version of Xlib.

Note –

If possible, clients linked with an older version of Xlib should be relinked with a newer version of Xlib. This enables them to connect to the server with the new user-based access control mechanism.