![]() ![]() ![]() |
Within a security context, you establish rules that protect specific resources. For example, you might create a rule to limit write access to files at a specific pathname. A rule determines what action can be performed on a resource.
Once you've defined access rules, you define a security policy that matches rules to users and groups. You grant access to a protected resource by adding both rules and users to a policy. The users and user groups you add to a policy (you can think of them as policy holders) are authorized to use the resources protected by the security context rules, which are assigned to the policy.
In other words, a rule is a key to a door that guards access to a resource. When you create a rule, it means the key needed to open the door to this resource is available. Who will get this key is decided when you create a policy that includes this rule.
Rule names are user-defined logical names. Make the rule name easy to remember and to associate with the resource it protects. For example, if you're writing a rule to protect CFQUERY tag, you might name the rule CFQUERY. If you're writing a rule to protect all access to a particular data source, you might name it DatasourceName_All.
In the Resource Rules page, you might also create additional rules for this security context -- for example, to restrict updating of data sources.
For example, you could create a top-level security policy, called Platinum, to grant to certain users broad access to protected resources.
The Resource Policies window appears showing the available Policies for the current Security Context. Now you can assign a policy to various rules and users.
![]() ![]() ![]() |
AllaireDoc@allaire.com
Copyright © 1998, Allaire Corporation. All rights reserved.