WebSEAL-specific ACL policies

The following security considerations apply for the /WebSEAL container in the protected object space:

• The WebSEAL object begins the chain of ACL inheritance for the WebSEAL region of the object space.
• If we do not apply any other explicit ACLs, this object defines (through inheritance) the security policy for the entire Web space.
• The traverse permission is required for access to any object below this point.

ACL policies:

1. /WebSEAL/host-instance_name
   
2. /WebSEAL/host-instance_name/file
   
3. WebSEAL ACL permissions
   
4. Default /WebSEAL ACL policy
   
5. Valid characters for ACL names
   
6. Quality of protection POP
   
7. Configuration of authorization database updates and polling
   
8. Configure quality of protection levels
   
9. Authorization decision information from HTTP requests
   
10. Support for OAuth authorization decisions
    
11. Use credential attributes in authorization decisions
    

Parent topic: Configuration for authorization