If you are accessing this page from the Server Manager, see The Edit Access Control Page in the Server Manager section.
The Edit Access Control page is divided into two frames that set the access control rules. If the resource you chose already has access control, the rules will appear in the top frame.
For more information, see Restricting Access to Your Web Site and ACL File Syntax.
The following elements are displayed:
Upper Frame
The upper frame displays access control rules representing each configurable setting as a link. When you click on a link, the page divides into two frames, and you can use the Lower Frame to set the access control rules. The ACL for the Administration Server, begins with two non-editable deny statements by default. The following elements are displayed in the upper frame:
Action.
specifies whether to deny or allow access to the users, groups, or hosts. For the Administration Server, the first two lines of the access control rules are set to deny everyone except the group admin access to any portion of the Administration Server. If allow users and groups outside of the group admin access, you must click New Line and create an access control rule.
Users/Groups.
Allows you to specify user and group authentication when you click "anyone." The bottom frame allows you to configure User-Group authentication. By default, no users or groups outside of the group admin can access the Administration Server resources. For more information, see Specifying Users and Groups.
From host.
Allows you to specify the computers you want to include in the rule when you click "anyplace". In the bottom frame, you can enter wildcard patterns of host names or IP addresses to allow or deny. For more information, see Specifying Host Names and IP Addresses.
Programs.
Restricts access to the tabs in the Administration Server. For example, you can restrict access to all pages for configuring the administration server by selecting All Programs. If you want to restrict access to one or two sets of pages, choose the name of the tab in the scroll-down list. If you want to restrict access to one page in a tab, type the name of the page in Program Items. For example, to restrict access to the Access Control List Management page, type distacl in Program Items. For more information,
see Access to Programs.
Extra.
Allows you to specify a customized ACL entry. This is useful if you use the access control API to customize ACLs. For more information, see Writing Customized Expressions.
Continue.
Specifies that the next line in the access control rule chain is evaluated before the server determines if the user is allowed access. When creating multiple lines in an access control entry, it's best to work from the most general restrictions to the most specific ones.
Trash can icon.
Deletes the corresponding line from the access control rules.
Note.
Do not delete all the ACL rules from the ACL files. At least one ACL file is required to start the server, and the ACL file must have at least one ACL rule.If you delete all the ACL rules in the ACL files, and try to restart the server, you will see a syntax error.
Access control is on.
Specifies whether access control is enabled.
New Line.
Adds a default ACL rule to the bottom row of the table. You can use the up and down arrows in the left column to move the rule.
Response when denied.
Specifies the response a user sees when denied access. You can vary the message for each access control object. By default, the user is sent a message saying that the file was not found (the HTTP error code 404 Not Found is also sent).
Submit.
Saves your entries.
Revert.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Lower Frame
The lower frame allows you to configure access control rules for the ACL in the Upper Frame. The following elements are displayed in the lower frame:
Allow/Deny
Allow.
Allows the user, group, or host access.
Deny.
Denies the user, group, or host access.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
User/Group
Anyone (no authentication).
Allows everyone access to the resource. No authentication is required.
Authenticated people only.
Allows only authenticated users and groups to access the resource. Choose from the following options:
Prompt for authentication.
Allows you specify message text that appears in the authentication dialog box. You can use this text to describe what the user needs to enter. Depending on the operating system, the user will see about the first 40 characters of the prompt. Netscape Navigator and Netscape Communicator cache the username and password and associate them with the prompt text. This means that if the user accesses areas (files and directories) of the server that have the same prompt, the user will not have to retype usernames and passwords. Conversely, if you want to force users to reauthenticate for various areas, you must change the prompt for the ACL on that resource.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
From Host
Any place.
Allows any machine access to the resource.
Only from.
Allows only the specified host names or IP address access to the resource. You specify this restriction by using wildcard patterns that match the machines' host names or IP addresses. For example, to allow or deny all computers in a specific domain, you would enter a wildcard pattern that matches all hosts from that domain, such as *.iplanet.com.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Programs
All programs.
Allows users or groups access to all the tabs in the Administration Server.
Only the following.
Allows users or groups access to either specific tabs or specific pages. You can choose multiple tabs by pressing the Control key and then clicking the tabs.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Customized Expressions
Customize expressions.
Allows you to enter custom expressions for an ACL in the text box. You can use this feature if you are familiar with the syntax and structure of ACL files. For more information on customized expressions, see Writing Customized Expressions, and ACL File Syntax.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Access Denied Response
Respond with the default file (redirection off).
Displays the HTTP error code 404 Not Found error when the file being requested is not found.
Respond with the following file (physical path): (redirection on).
Specifies a URL or the absolute path to a text or HTML file in your server's document root that you want to send to users when they are denied access. Be sure the server has read access to this file on your systemit's a good idea to have the file in a directory under the server root.