30.3. Controlling Site Access with Realms
In the context of websites, a realm is a portion of your site (typically a folder and all the files and folders within it) for which you have designated access restrictions. You protect realms with a username and password so whenever someone tries to access content in a realm, his or her browser displays an HTTP authentication dialog box, like the one shown in Figure 30.3. Once the user types a valid set of credentials, the server grants access to the page requested and to all other pages within the realm.
Realms aren't the sole way to restrict access to portions of your website. For example, you could use an ordinary web form that sends users' credentials to a PHP program to verify access permission. However, as long as your list of users isn't long, realms are easy to set up without any programming, are supported by virtually every web browser, and provide good security (at least as long as you use an encrypted authentication method, as I describe shortly).
The access restrictions you apply to realms in Mac OS X Server determine not only the way in which authentication is used when browsing the site in a web browser but also who can access the site's files and to what extent via WebDAV, a protocol for sharing files via HTTP. (I discuss WebDAV setup elsewhere in this chapter.)
Figure 30.3. When a user visits a URL corresponding to a protected realm in Safari, a dialog box like this one requests authentication.
NOTE
In Mac OS X Server, ...
Get Mac® Security Bible now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.