Configuring for Administrator Account Coordination

If the two-tier service application uses Sun WebServer for its administration interface, it is possible to configure the server's ACLs to use the same administrator login information as Sun Internet Administrator. Thus, you have a single set of administrator accounts (in the directory services) to manage. This simplifies management of these accounts and enhances your ability to respond to security risk situations.

You must first install Sun WebServer on the service host (the computer where the service application is installed), and arrange the interface documents and files within the document tree of the server. Then, configure SWS as follows:

1. Create a realm in the default Web site of the SWS instance:

   # htrealm add -i instance -h hostname -r realmname -s ISPADMIN -d ComponentID-VersionNo
   

   Where

   • instance is the name of the httpd instance being configured.

   • hostname is the name of the host containing the realm.

   • realmname is the name of the realm you are creating.

   • ISPAdmin is the source of the realm. Enter ISPADMIN, indicating that these are Sun Internet Administrator administrators.

   • ComponentID-VersionNo is the directory where the administration GUI files (HTML and others) are located.

2. Add ACL protection to the URL where the administration GUI for this service resides:

   # htaccess add -i instance -h hostname -U URI -r realname -s BASIC
   

   Where

   • instance is the name of the httpd instance being configured.

   • hostname is the name of the computer where the Web server is running.

   • realmname is the name of the realm you are creating.

   • BASIC is the authentication scheme wanted. Enter BASIC.

3. Restart the default site, if it is already running. Use the Sun WebServer administration GUI to perform this task. Full instructions are available in the on-line help.