Access Control

LDAP supports an added level of security in the form of access control, which allows the server to restrict user access based on user roles.

Access control is implemented in the cluster manager and configured in the policy.xml file. The policy file defines the relationships between resources, roles, and available actions. One configuration works for all cluster managers.

If the policy file is not configured, authorization for authenticated users is not restricted based on user roles.

• Roles, Resources, and Actions
  To restrict user access through the access control system, a user must have a defined role. This role must be associated with resources and authorized actions for the resource.
• Configuring Access Control
  Create and develop relationships among roles, resources, and actions by editing the XML policy file.
• Sample Policies for Authorization Roles
  Use the policy.xml file to control access to cricial functions based on authorization role.
• Configuring the Server for Access Control
  Only LDAP can be used as a security provider for access control.
• Recovering Administrative Access
  If you lose administrative access rights to Sybase Event Stream Processor, there are manual steps you can take to recover them.