Setting Up Protected Resources

If you have not already set up your Web applications as Secure access protected resources, you need to do so. In general, you should define the Web application folders, not the application files themselves, as protected resources. For example:

• If you have a single Web application folder structure (for example, the Web Application Server's webapp folder and subfolders), you can define that single Web application folder as a protected resource. Its files and subfolders become secured and are accessible only to users included in the membership lists of ACL rules that allow access.
• If your Web applications are located in different folders and do not have a common parent folder (or don't have a common parent folder that you want to define as a protected resource with Secure access level), you can define each Web application's folder as a protected resource. This accomplishes the same purpose as setting up a single protected resource; it simply involves a little more work for you.

Protected resources are configured through the iChain Service object (ISO) in Novell eDirectory^TM. To define a protected resource.

1. In ConsoleOne^®, right-click the iChain Service object > click Properties to display the property pages.

2. Click the Protected Resources tab.

3. On the Protected Resource page, click the Add button to display the Add New Protected Resource dialog box.

4. Fill in the following fields:

   Resource Name: Enter a name to identify the protected resource. The name differentiates the resources in the Protected Resources list and must be unique within the list. You can, if desired, enter the resource's URL as its name.

   URL Prefix: Enter the resource's URL. For example,

   www.novell.com/webapps/*

   would define the webapps directory and subdirectories as a protected resource. On the other hand,

   www.novell.com/webapps/index.html

   would define only the index.html file as a protected resource.

   Access: Select Secure so that access will be controlled through ACL rules.

   Pass Parameters in the Query String: Leave this option selected.

   Pass Parameters as Header Variables: Leave this option unselected.

5. Click OK to add the resource to the Protected Resource list.

6. Repeat Step 3 through Step 5 to set up additional protected resources.

7. When you've finished setting up protected resources, click OK to save your changes.