How to configure ISDAT for access control

This document will explain how to control the access control of the ISDAT database server dbh.

Default settings

By default, when a dbh is run it allows any user on the internet to access it and retrive data.

Activating Access Control

Access control can be activated to only allow certain priveledged hosts and/or users to access the dbh resource. This is done by adding the line

*.common.hosts:		$ISDAT_HOME/config/ishosts

to the isdat.server file (which is found in ISDAT_HOME/config or in the home as the file .isdat.server). The value of *.common.hosts (in this case $ISDAT_HOME/config/ishosts) should be the path to the access control file.

The Access Control File

The access control file is usually called ishosts and usually lives in ISDAT_HOME/config/. It is line separated text file which consists of a list of host names and/or user names. The list specifies which hosts and/or users are allowed access to the server. The format is simply a valid IP address specifying the host and then optionally a list of one or more user names. Space is used as a separator. Comments begin with the # character. Example access control file An example of a minimal file is hostA.some.domain hostB.some.domain ann bob This example grants access to all users on the host hhostB.some.domainostA.some.domain and users ann and bob on the host hostB.some.domain.