/
AccessControl

AccessControl

Owned by Rod Widdowson
Last updated: Nov 24, 2021
1 min read

One of the following child elements can be used to attach an access control policy to matching requests:

  • <htaccess>

    • Enables native Apache .htaccess support during Apache's authorization phase. This is automatic and implicitly plugged in for the Native RequestMapper, but can be enabled by hand if the XML RequestMapper is used. Note that this will fail for non-Apache servers.

  • <AccessControl>

    • Attaches an access control policy using the XML-based plugin provided with the SP. This is a short-hand for embedding the policy in the element above, if you want the policy inside the RequestMapper's configuration file anyway.

If no element is included (or inherited or implicitly enabled), any access control is left to the resource itself and the SP simply passes its session information along.

If an error occurs when processing this element, a dummy policy to deny access is installed to prevent accidental exposure.

Related content

XMLAccessControl
XMLAccessControl
Service Provider 3
More like this
AccessControlConfiguration
AccessControlConfiguration
Identity Provider 3
More like this
ApplicationDefaults
ApplicationDefaults
Service Provider 3
Read with this
AccessControlProvider
AccessControlProvider
Service Provider 3
More like this
ApplicationOverride
ApplicationOverride
Service Provider 3
Read with this
AccessControlConfiguration
AccessControlConfiguration
Identity Provider 4
More like this