The Groups page allows you to add and delete groups, and to add or remove users in a group. Creating groups makes it possible to assign access to web resources efficiently.
Once you've created a list of groups, you control their access to web pages and other server resources using the Add/Remove and Edit features on the Access Control page.
For a selected group, Java Server displays the list of users who are members of
that group, and the name of the security realm to which the group is assigned.
Settings
The Groups page has three fields:
Realm
A realm is a database of users, groups, and access control lists.
It is used to specify which users have access to the resources of
a specific service (for example, the Web Page Service).
The Java Server uses the list of users in the database to identify the customers for the service. Users that are not included in the realm cannot be added to any access control list for the service. Users not on an access control list are generally denied the use of the service.
In some cases, a service does not require that its customers be in an access control list. For example, many web page (HTTP) services make their documents available to all users without requiring that they be registered in an ACL first.
Specific access control policies are applied to both users and groups in the database. For example, one user (or group) may be granted only GET permission to the service, and thus only be able to retrieve and read documents from it. Another user (or group), however, may be granted both GET and POST permissions, meaning that the user (or the members of the group) can add documents for display, as well as read them. Both users (or groups) are in the same realm, but the access control policies applied to them are different.
Note: Individual access control permissions take precedence over group settings. For example, if a user in a group has both GET and POST access, but the group has only GET access, the user is still able to do both GET and POST.
By assigning specific access settings to each user and each group, you can control precisely how the resources of a service are used, and by whom.
The Java Server has three security realms. These are:
getpwent()
routines. This realm lets the server use HTTP
"Basic" authentication with users' Unix passwords.
adminGroup
.
Members/Non-Members
This field consists of two boxes, one listing the members of the group shown in the
Groups field, the other the users in the selected Realm.
Procedures