As of Sun Java System Web Server 6.1 you can configure SSL and non-SSL listen sockets for the same server instance. Restricting access based on security allows you to create protection for resources that should only be transmitted over a secure channel.
To limit access based on security, using the steps described for setting access control for a server instance, you would:
Use the Server Manager to select the server instance.
Choose the Preferences tab.
Click the Restrict Access link.
Select the entire server from the drop-down list in Pick a Resource and click Edit Access Control.
Create a new rule allowing read and execute rights to all.
If a user wants to add, update, or delete a file or directory, this rule will not apply and the server will searches for another rule that matches.
Create a new rule denying write and delete rights to all.
Click X link to create a customized expression.
Enter ssl=”on”.
Example:
user = "anyone" and ssl=”on” |
Submit and Apply your changes.
Any errors in the custom expression generates an error message. Make the necessary corrections and submit your changes again.