Access Control

Use this page to add and delete access control lists, and to add or delete the users and groups they contain. Access control lists let you control user and group access to web pages and other server resources. You can also use this page to specify which hosts can have access to the server.

Note: To enforce access control, you must enable it in the Basic Configuration page.

This page displays the entries in an access control list for a selected realm.

In Jeeves Alpha2, there is an access control policy which is always active, but which is not listed on this page. You cannot change this particular policy. Server administration is controlled through the adminRealm, and the adminAcl in that realm. Anyone granted the GET privilege in the "adminAcl" is allowed to sign on to, and use, the administrative pages. This uses a variant of HTTTP "Digest" authentication, which is not currently provided in other parts of the Jeeves server.

To select a different realm: choose the realm from the list of realms at the bottom of the page.

To create an access control list:

1. Choose the realm under which you want to create the access control list.
2. Click Add Acl.
3. Enter the name of the access control list.
4. Click OK.

1. Select the realm that contains the access control list.
2. Select the access control list to which you want to add an entry.
3. Click Add User Entry.
4. Choose + (to give permission) or - (to refuse permission).
5. Choose whether you want to apply the access control to a user or a group.
6. Enter the user name or group name to which you want to apply the access control.
7. Choose one or more permissions that you want to allow or deny.
8. Click Add Entry.

Note: For given user in a group, the user's access control permissions always take precedence over the group's permissions.

To allow access only from a specific host:

1. Select the realm that contains the access control list.
2. Select the access control list to which you want to add an entry.
3. Click Add Host Entry.
4. Enter the name of the host either as a name or as an IP address. You can use the wild card character (*) when entering a host name (for example, *.edu). Requests that originate from hosts other than the specified host will be denied.

To delete an access control list:

1. Select the realm that contains the access control list.
2. Select the access control list.
3. Click Delete Acl.

To delete an entry in an access control list:

1. Select the realm that contains the access control list.
2. Select the access control list that contains the entry you want to delete.
3. Select the entry.
4. Click Delete Acl Entry.