Access Control Examples
Here are some typical access control configurations that might be used
in different settings:
Allow connections from anywhere (no authentication)
- From the Server Settings window, click a server (Remote Server, Web Server, or Telnet Server).
A list of firewall entries appears in the right pane.
- Add a firewall definition and set it to "Allow
*.*.*.*."
- From the Users panel, create a Guest account
with an Automatic Login address of "*.*.*.*".
Note 1: This is a very open setting. Be sure that you actually
intend to allow anyone to connect. This configuration might be reasonable
if InterMapper were running behind a firewall, and thus not visible outside
your organization.
Note 2: The IP wildcard example above works with 32-bit IPv4 address. InterMapper now supports 128-bit IPv6 addresses. Wildcard characters are not currently supported for IPv6 addresses.
Allow connections from anywhere, but with authentication
- Define your user names and passwords as described in Users
and Groups.
- From the Server Settings window, click Remote Server.
A list of firewall entries appears in the right pane.
- Add a firewall definition and set it to "Allow *.*.*.*."
Anyone that connects is required to provide a username/password.
Allow web connections to see all maps
- Define a group named FullWebAccess.
- Add users to that group.
The users in the group can view all web pages.
Allow people
from known addresses to connect without entering a password
This is called an automatic-login user.
- Create a new user with the desired name.
- Leave the Password box empty.
- Enter the desired IP address in the Automatic Login
box.
All connections from that IP address or range are automatically connected,
and are assigned the specified user name.
Allow a non-administrator user to see the log files
- Define a group named FullLogAccess.
- Add users to that group.
The users in the group can view all the log files.
Allow an automatic-login user name to connect from elsewhere by
entering a password
- Create an automatic-login
user as described above, but enter a password.
When connecting from an IP address within the range specified for
automatic login, the user is automatically connected and assigned the
specified user name.
When connecting from an IP address outside the range specified
for automatic login, the user is prompted for a user name and password.
Deny all connections from certain addresses or sites
You can prohibit connections from certain sites.
- From the Server Settings window, click Remote Server.
A list of firewall entries appears in the right pane.
- Click Add... The Firewall Definition dialog
appears.
- In the IP Address box, enter an IP address
or IP address range.
- From the Access dropdown menu, choose Deny.
- Click OK.
All connections from the specified IP address or range are denied.
Give a single user access to a specific map
- From the Users tab, create a new
user.
- From the Maps tab, set the user's permissions for the
Web and Remote servers.
These permissions are tested only if the user fails to match the global
IP address test and/or username and password