What Is Access Control?
330
Netscape Enterprise Server Administrator’s Guide
address in the browser certificate with the directory server entry. In such a case,
it would not be necessary to publish the entire client certificate to the directory
server since only the user ID and email address must match to gain access.
Host-IP Authentication
You can limit access to Enterprise Administration Server or the files or
directories on your web site by making them available only to clients using
specific computers. You specify hostnames or IP addresses for the computers
that you want to allow or deny. You can use wildcard patterns to specify
multiple computers or entire networks. End user access to a file or directory
using Host-IP authentication appears seamless. Users can access the files and
directories immediately without entering a username or password. If the
machine does not have access, the user will see a message denying access. For
information on customizing this message, see “Responding When Access is
Denied” on page 347.
Note
It is possible for more than one person to have access to a particular system.
For this reason, Host-IP authentication is more effective when combined with
User-Group authentication. If both methods of authentication are used, the end
user will have to enter a username and password on a particular computer
before getting access.
IP authentication does not require DNS to be configured on your server. If you
want to use hostname authentication, however, you must have DNS running in
your network and your server must be configured to use it. You can enable
DNS on your server through the Performance Tuning page in the Preferences
tab.
Enabling DNS degrades the performance of Enterprise Server since the server is
forced to do DNS look-ups. To reduce the effects of DNS look-ups on your
server’s performance, resolve IP addresses only for access control and CGI
instead of resolving the IP address for every request. To do this, add the line
“
iponly=1
” to the line that begins:
AddLog fn="flex-log"
name="access"
in your
obj.conf
file. The resulting line is the following:
AddLog fn="flex-log" name="access" iponly=1
Содержание Netscape Enterprise Server
Страница 30: ...Contacting Technical Support 30 Netscape Enterprise Server Administrator s Guide ...
Страница 31: ...Part 1 Server Basics 31 1 Server Basics Introduction to Enterprise Server Administering Enterprise Servers ...
Страница 32: ...32 Netscape Enterprise Server Administrator s Guide ...
Страница 56: ...Sending Error Information to Netscape 56 Netscape Enterprise Server Administrator s Guide ...
Страница 64: ...Migrating a Server From a Previous Version 64 Netscape Enterprise Server Administrator s Guide ...
Страница 66: ...66 Netscape Enterprise Server Administrator s Guide ...
Страница 112: ...Managing a Preferred Language List 112 Netscape Enterprise Server Administrator s Guide ...
Страница 158: ...158 Netscape Enterprise Server Administrator s Guide ...
Страница 182: ...Using the Watchdog uxwdog Process Unix 182 Netscape Enterprise Server Administrator s Guide ...
Страница 196: ...Viewing Events Windows NT 196 Netscape Enterprise Server Administrator s Guide ...
Страница 218: ...Enabling the Subagent 218 Netscape Enterprise Server Administrator s Guide ...
Страница 266: ...266 Netscape Enterprise Server Administrator s Guide ...
Страница 302: ...Enabling WAI Services 302 Netscape Enterprise Server Administrator s Guide ...
Страница 310: ...310 Netscape Enterprise Server Administrator s Guide ...
Страница 390: ...Customizing the Web Publisher User Interface 390 Netscape Enterprise Server Administrator s Guide ...
Страница 446: ...Customizing the Search Interface 446 Netscape Enterprise Server Administrator s Guide ...
Страница 448: ...448 Netscape Enterprise Server Administrator s Guide ...
Страница 454: ...Responses 454 Netscape Enterprise Server Administrator s Guide ...
Страница 464: ...Referencing ACL Files in obj conf 464 Netscape Enterprise Server Administrator s Guide ...
Страница 504: ...504 Netscape Enterprise Server Administrator s Guide ...