NetResults ProblemTracker
Applying Security Using Netscape FastTrack 2.0

Overview

Netscape servers allow you to restrict access to files located on the web server to particular users that you can define using the Netscape Server Administrator program. Using this mechanism, you can limit access for an individual or group of individuals to the ProblemTracker functions appropriate to their job.

Instructions

  1. Define Web Server Users
    • Start up the Netscape Server Administrator
    • Click on the Access Control button
    • Click on Create User in the left frame
    • Enter the desired username and password, and press OK to create the user. A common user to add is a Administrator for ProblemTracker.

  2. Restrict Access to Web Server Files
    • Start up the Netscape Server Administrator
    • Click on the Access Control button
    • Click on Restrict Access in the left frame
    • In the main frame, press the "Wildcard" button and enter the path of the file or directory you would like to protect. For example, if you would like to limit access to the Admin functions to an Adminstrator user, you would enter:

      installDir\Admin*

      where installDir is the directory on the hard disk where ProblemTracker is installed (for instance "C:\Netscape\Server\Docs\ptdev")

    • The path should appear in the edit field. Below there is a button that turns access control on and off for this path. Click on the button to turn on access control.
    • Below under the section named "Set Access Type", click on the radio button labeled "Deny" in the row labeled "Read". This will tell the server to deny access to everyone for the path specified. Now click on the "Permissions" button.
    • On this page, under "Users Allowed Access At Specified Hosts:" locate the edit field next to the name "Users", and enter the name of the user you wish to allow access (for instance, the Administrator user name). You can also enter a string to describe what this protected path represents in the field labeled "Login Prompt". This string is included the password dialog presented to the user in the browser, so a name like "ProblemTracker Admin" makes sense. Press the Done button to exit this page, and then OK to commit the access control changes.
    • Refer to the table in the Web Server Security Overview section to determine which content directories and program files you would like to protect based upon function. Then repeat the process described here for each.

    When correctly configured, a dialog box appears from the browser requesting a user name and password when a protected page is accessed.