When you use access control on the Administration Server or the files or directories on the server, the settings are stored in a file with the extension .acl. Access control files are stored in the directory server-root/httpacl, with server-root being the location where the server is installed. For example, if you installed the server in /usr/Sun/Servers, the ACL files for both the Administration Server and each server instance configured on your server would be located in /usr/Sun/Servers/httpacl/.
The main ACL file is generated-proxy-serverid.acl. The temporary working file is genwork-proxy-serverid.acl. If you use the Administration Server to configure access, you will have these two files. However, if you want more complex restrictions, you can create multiple files and reference them from the server.xml file. A few features are also available only by editing the files, such as restricting access to the server based on the time of day or day of the week.
For more information about access control files and their syntax, see Chapter 18, ACL File Syntax. For more information about server.xml, see the Oracle iPlanet Web Proxy Server 4.0.14 Configuration File Reference.