If you are accessing this page from the Administration Server, see The Edit Access Control Page (Administration Server) in the Administration Server section.
The Edit Access Control page is divided into two frames that set the access control rules. If the resource you chose already has access control, the rules will appear in the top frame.
For more information, see Restricting Access to Your Web Site and ACL File Syntax.
Upper Frame
The upper frame displays access control rules representing each configurable setting as a link. When you click on a link, the page divides into two frames, and you can use the Lower Frame to set the access control rules. The following elements are displayed in the upper frame:
Action.
specifies whether to deny or allow access to the users, groups, or hosts.
Users/Groups.
Allows you to specify user and group authentication when you click "anyone." The bottom frame allows you to configure User-Group authentication. By default, no users or groups outside of the group admin can access Administration Server resources. For more information, see Specifying Users and Groups.
From Host.
Allows you to specify the computers you want to include in the rule when you click "anyplace". In the bottom frame, you can enter wildcard patterns of host names or IP addresses to allow or deny. For more information, see Specifying Host Names and IP Addresses.
Rights.
Allows you to specify access rights to files and directories on your web site. In addition to allowing or denying all access rights, you can specify a rule that allows or denies partial access rights. For example, you can give people read-only access rights to your files, so they can view the information but not change the files. This is particularly useful when you use the web publishing feature to publish documents.
Extra.
Allows you to specify a customized ACL entry. This is useful if you use the access control API to customize ACLs. For more information, see Writing Customized Expressions.
Continue.
Specifies that the next line in the access control rule chain is evaluated before the server determines if the user is allowed access. When creating multiple lines in an access control entry, it's best to work from the most general restrictions to the most specific ones.
Trash Can Icon.
Deletes the corresponding line from the access control rules.
Access Control Is On.
Specifies whether access control is enabled.
New Line.
Adds a default ACL rule to the bottom row of the table. You can use the up and down arrows in the left column to move the rule.
Response when Denied.
Specifies the response a user sees when denied access. You can vary the message for each access control object. By default, the user is sent a message saying that the file was not found (the HTTP error code 404 Not Found is also sent).
Submit.
Saves your entries.
Revert.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Lower Frame
The lower frame allows you to configure access control rules for the ACL in the Upper Frame. The following elements are displayed in the lower frame:
Allow/Deny
Allow.
Allows the user, group, or host access.
Deny.
Denies the user, group, or host access.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
User/Group
Anyone (No Authentication).
Allows everyone access to the resource. No authentication is required.
Authenticated people only.
Allows only authenticated users and groups to access the resource. Choose from the following options:
Prompt for Authentication.
Allows you specify message text that appears in the authentication dialog box. You can use this text to describe what the user needs to enter. Depending on the operating system, the user will see about the first 40 characters of the prompt. Netscape Navigator and Netscape Communicator cache the username and password and associate them with the prompt text. This means that if the user accesses areas (files and directories) of the server that have the same prompt, the user will not have to retype usernames and passwords. Conversely, if you want to force users to reauthenticate for various areas, you must change the prompt for the ACL on that resource.
Authentication Methods..
Specifies the method the server uses when getting authentication information from the client.
Authentication Database.
Lets you select a database that the server uses to authenticate users. The default setting means the server looks for users and groups in an LDAP directory. However, you can configure individual ACLs to use different databases. You can specify different databases and LDAP directories in the file server_root/userdb/dbswitch.conf. Then, you can choose the database you want to use in the ACL by selecting it in the drop-down list. If you use the access control API to use a custom database (for example, to use an Oracle or Informix database), you can type the name of the database in the "Other" field in the User/Group window.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
From Host
Any place.
Allows any machine access to the resource.
Only from.
Allows only the specified host names or IP address access to the resource. You specify this restriction by using wildcard patterns that match the machines' host names or IP addresses. For example, to allow or deny all computers in a specific domain, you would enter a wildcard pattern that matches all hosts from that domain, such as *.iplanet.com.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Rights
All Access Rights.
Allows the user, group, or host all access rights: read, write, execute, delete, list, and info.
Only the Following Rights.
Allows the user, group, or host only the selected access rights. Choose from the following:
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Customized Expressions
Customize Expressions.
Allows you to enter custom expressions for an ACL in the text box. You can use this feature if you are familiar with the syntax and structure of ACL files. For more information on customized expressions, see Writing Customized Expressions, and ACL File Syntax.
Update.
Saves your entries.
Reset.
Erases your changes and resets the elements in the page to the values they contained before your changes.
Help.
Displays the online help.
Access Deny Response
Respond with the Default File (Redirection Off).
Displays the HTTP error code 404 Not Found error when the file being requested is not found.
Respond with the Following URL: (Redirection On).
Specifies a URL or the absolute path to a text or HTML file in your server's document root that you want to send to users when they are denied access. Be sure the server has read access to this file on your systemit's a good idea to have the file in a directory under the server root.