Help for Protection Setup

Use this form to define either an in-line or named protection setup.

Protection Setups

Protection setups control access to the directories or files being protected. When the server receives a request that matches a protected URL request template, the server activates protection. The server goes to the protection setup associated with the matching template to determine how to control access to the protected resources.

You can use two types of protection to control access to protected resources:

• User name and password protection
• Address template protection

See the Up and Running book for details on these two types of protection.

To define a protection setup:

1. If you want this protection setup to use user name and password protection, fill in the following fields:
   • Server identifier - a name you want to use to identify this protection setup to requesters. The name does not need to be a real machine name. This name is sent to requesters along with the prompt for user name and password. This helps the requester decide what user name and password to enter.
   • Password file - the fully qualified path and file name of the password file you want this protection setup to use. Any user names you use in the Get, Put, Post, Delete, or All fields must be defined in the password file you specify. Also, any group names you use must contain user names that are defined in the password file. You create password files with the htadm command. See the Up and Running book for information on using htadm.
   • Group file - the fully qualified path and file name of the server group file you want this protection setup to use. You only need to fill in this field if you want to use group names in the Get, Put, Post, Delete, or All fields. See the Up and Running book for information on how to create group files.
2. Select the Authorization type:
   • Basic - use this type of authorization if any part of the protection setup uses user name and password protection. With basic authorization, when passwords are sent to the host, they are sent as plain text. They are encoded, but not encrypted.
   • None - use this type of authorization if you are using address template protection only.
3. Check the Allow ACL file to override masks check box if you want your Access Control Lists to override the Get, Put, Post, Delete, and All fields.
4. Enter user names, group names, and address templates in the following fields. See the Up and Running book for complete details on the different ways you can specify user names, group names, and address templates in these fields. Separate multiple values in the same field with commas.
   • Get - authorize user names, groups, and address templates to make GET requests to a protected directory.
   • Put - authorize user names, groups, and address templates to make PUT requests to a protected directory.
   • Post - authorize user names, groups, and address templates to make POST requests to a protected directory.
   • Delete - authorize user names, groups, and address templates to make DELETE requests to a protected directory.
   • All - authorize user names, groups, and address templates to make requests not covered in any of the other above fields.
5. Click on Apply to update your server with the changes you made to the form.

   Click on Reset if you want to return to the values that were on the form before you made changes.