How do I restrict access by domain and the rest of the world to the documents in the public_html
Hello,
We have multiple domains configured in our iPlanet Portal Server 3 demo environment. In addition we are using the gateway.
In one of these domains the userTemplate.html file is tailored to display Macromedia Flash components at dynamic positions on the page. The logical home for these Flash components (since the portal software cannot find them if we simply store them in iwtDesktop) is somewhere below the /opt/SUNWips/public_html directory.
The problem is that once the file is stored here I can access it if I know the url (http://server:8080/file_path) without being authenticated in the domain.
The allow/deny url policy settings are specific to a domain and seem to have no affect on the rest of the world.
Any advice you can provide is greatly appreciated.
Thanks!
[832 byte] By [
708937] at [2007-11-25 4:36:56]
Joel,
If your intent is to block access to the doc root, you can probably use access control lists (acl) to prevent anyone from accessing the files stored under public_html. You can get more information about how to create ACLs from the following URL
http://docs.iplanet.com/docs/manuals/enterprise/41/ag/esaccess.htm#1005439
You can even set up Basic Authentication for access to the direcory or ip based access or any which way you want. I've personally never blocked access to the doc root in portal, so I am not sure what the impact will be.
Hope this helps!
You can set restrictions on particular URLs at domain, role and user levels. If you need setting policies at role level, log-in to Admin console and go to
ManageDomains-->Domain-->Your-Role-->Policy-->User.
write the url which one you want to restrict, under Deny list.ex:http://server:8080/test.html
