JavaServer

Groups


Documentation / Administrator Docs / Developer Docs / Index / Administration Contents

This document has the following sections:

The Groups page allows you to add and delete groups, and to add or remove users in a group. Creating groups makes it possible to assign access to web resources efficiently.

Once you've created a list of groups, you control their access to web pages and other server resources using the Add/Remove and Edit features on the Access Control page.

For a selected group, JavaServer displays the list of users who are members of that group, and the name of the security realm to which the group is assigned.

Settings

The Groups page has three fields:

Realm
A realm is a database of users, groups, and access control lists. It is used to specify which users have access to the resources of a specific service (for example, the Web Page Service).

The JavaServer uses the list of users in the database to identify the customers for the service. Users that are not included in the realm cannot be added to any access control list for the service. Users not on an access control list are generally denied the use of the service.

In some cases, a service does not require that its customers be in an access control list. For example, many web page (HTTP) services make their documents available to all users without requiring that they be registered in an ACL first.

Specific access control policies are applied to both users and groups in the database. For example, one user (or group) may be granted only GET permission to the service, and thus only be able to retrieve and read documents from it. Another user (or group), however, may be granted both GET and POST permissions, meaning that the user (or the members of the group) can add documents for display, as well as read them. Both users (or groups) are in the same realm, but the access control policies applied to them are different.

Note: Individual access control permissions take precedence over group settings. For example, if a user in a group has both GET and POST access, but the group has only GET access, the user is still able to do both GET and POST.

By assigning specific access settings to each user and each group, you can control precisely how the resources of a service are used, and by whom.

The JavaServer has four security realms. These are:

NOTE: It is not possible to add a group to the Unix realm using the JavaServer. The Unix realm is controlled through the DNS database and groups must be added through that mechanism.

Group Name
This field lists the names of the groups assigned to the realm displayed in the realm field. The default group is adminGroup.

Members/Non-Members This field consists of two boxes, one listing the members of the group shown in the Groups field, the other the users in the selected Realm.

Procedures

To Display the Groups in a Realm:

To Create a Group:
  1. Select the realm in which you want to add the group.
  2. Click Add Group. This displays the Add Group box.
  3. Enter the name of the group you want to create.
  4. Click Add. The new group is added to the Group Name field.
To Add a User to a Group:
  1. Select the realm that contains the group.
  2. Select the group to which you want to add a user.
  3. In the Non-Members box, select the user you want to add to the group.
  4. Click Add.
To Remove a User From a Group:
  1. Select the realm that contains the group.
  2. Select the group that contains the user you want to delete.
  3. In the Members box, select the user you want to delete.
  4. Click Remove.
To Remove a Group:
  1. Select the realm that contains the group.
  2. Select the group that you want to delete.
  3. Click Remove Group.
  4. Click Yes on Remove Group box.

Buttons

There are four buttons on the Groups page. These are:
Top
java-server-feedback@java.sun.com