This document has the following sections:

• Settings
• Procedures
• Buttons

A security realm contains users and/or groups plus their associated access control lists (ACL). The access control list for a user in a particular realm specifies the privileges that user is granted to access server resources. Resources include such things as files, directories, and servlets.

The Users page lets you view, add, edit, or delete the list of users in a given Realm. Once you've created a list of users, you control their access using the Add/Remove and Edit features on the Access Control page. To assign the same user different sets of access privileges, you assign the user to more than one realm.

Settings

Realm

The Java Web Server has the following security realms:

• UNIX - Applies only to users in a UNIX environment. It is the same database of users as listed by the UNIX getpwent() routines. This realm lets the server use HTTP "Basic" authentication with users' UNIX passwords.
• NTRealm - Applies only to users in a Windows NT environment and therefore is only available in the Win32 version of this product.
• defaultRealm - The realm for controlling the example servlets. This realm can also be used for general management of users and groups.
• certificateRealm - Used to protect resources for users who are authenticated using Secure Sockets Layer (SSL). This realm is only packaged in the versions of this product which include SSL.
• servletMgrRealm - Used exclusively for signed servlet support, which is used primarily by software publishers. Holds the X.509 certificates used to authenticate those publishers.

NOTE: On the UNIX realm, it is not possible to add a user through the Java Web Server. The UNIX realm is controlled through the DNS database and users must be added through that mechanism.

NOTE: To access NT realms, the server has to be run as Administrator and special rights ("Act as part of operating system") have to be granted to the Administrators group. To do this:

1. Go to the Programs -> Administrative Tools -> UserManager for domains panel.
2. Click on Policies -> User Rights.
3. Select the "Show Advanced User Rights" checkbox.
4. Enable "Act as part of operating system" rights for the administrator.

Procedures

To Display the Users in a Realm:

• Select the name of the realm in the Realm field. The users belonging to that realm are displayed in the Name field.

To Add a New User to a Realm:

1. Select the realm to which you want to add the user.
2. Click Add. This displays the Add User box.
3. Enter the user name of the user, and the user's password, and verify the password.
4. Click OK.

   To Delete a User Account from a Realm:

   1. Select the realm from which you want to delete the user.
   2. Select the user name to be removed.
   3. Click Remove.
   4. When you see the Remove User box, click Yes.
   Note: Do not delete the "admin" user account.

   To Change a User's Password (UNIX or defaultRealm only):

   1. Select the realm that contains the user account you want to change.
   2. Click Change Password. This displays the Change Password box.
   3. Enter the user's new password and verify the password.
   4. Click OK.

   To Add a New User in the servletMgrRealm

   1. Select the servletMgrRealm.
   2. Click Add. This displays the Enter Certificate URL.
   3. Enter the user name of the user, and the Certificate URL (this is the location of where your signed/unsigned certificate resides, that is, file:/home/lcheng/certirficate/myservlet.jar.sig or http://host/certificate/myservlet.jar.sig).
   4. Click OK.

   Buttons

   To make changes to the Users page and have those settings take affect, use the three buttons at the bottom of the screen. These are:
   • Add - Adds a user to the selected Realm.
   • Remove - Removes a user from the selected Realm.
   • Change Password - Changes the password for the user selected in the Name field. This button is present for UNIX realm and defaultRealm only.

   ---

   Top java-server-feedback@java.sun.com

   Copyright © 1997 Sun Microsystems, Inc. All Rights Reserved.