User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE

151

152

153

154

155

156

157

158

159

160

Chapter 2: Environment Setup (SSO Administrators)

2-82

Remarks

When this system is linked with the Application Gateway and can be accessed only by clients on the

Internet, multiple business systems may have the same public URL. Therefore, the new site

configuration may be already registered. In this case, as the above registration procedure is

unnecessary, go to 'Registering protection path', below. Refer to 'Settings for Operation using

Application Gateway' for details.

Registering Protection Path

Access control information must be set for Web contents to be opened on the business server. In

addition to the access control information, set the access control path and access permission role.

Perform the following procedure on the Interstage Management Console of the machine on which the

repository server (update system) was created. Refer to the Operator’s Guide for details of the items to

be defined on the Interstage Management Console.

1. Select [System] > [Security] > [Single Sign-on] > [Authentication infrastructure] > [Repository

server] >[Protection resource]. A list of defined sites is displayed in the [Protection resource] tree.

Select the site for which a protection path is to be set.

2. Click [Protection path] in the tree. A list of path configurations is displayed. Click the [Create a New

Path configuration] tab.

3. In [Path], set the path that is to be access-controlled. To control the access to a directory, always

write "/" at the end of the path. To control the access to a file, do not write "/" at the end of the path.

4. After the path to be access-controlled is set, select the name of the role or role set that can access

the path. To permit the access by all users that are registered in the SSO repository, specify

nothing as the role name or role set name.

5. Click [Create] to display a list of the specified paths and role information and check them.

6. Request the business server administrator to update the access control information.

Refer to 'Information Required for Authorization Using Roles' in 'Overview' for an explanation of

permission by a role. Refer to 'Setting User Information Report with Environment Variables' in

'Developing Applications' for an explanation of the user attributes to be posted at authorization setting.

Note

When this system is linked with the Application Gateway and can be accessed only by clients on the

Internet, multiple business systems may have the same public URL. To avoid such duplication, these

business systems must be designed to have different protection paths.

If an already registered protection path was reported by the business server administrator, request the

business server administrator to review the business system design to prevent the protection paths from

duplicating.

Refer to Settings for Operation using Application Gateway for details.

Settings for Protection Resource

In the authentication server, configure both the site configuration of the business system registered in

the SSO repository, and the protection path information.

Use a text editor to open the configuration file of the authentication server, and add the protection

resource information. If modifying the configuration file, restart the authentication server. For details on

how to start and stop the authentication server, refer to 'Starting an Authentication Server and 'Stopping

an Authentication Server' in Chapter 4, Operation and Maintenance.