Enterprise Security provides a Web server plug-in that protects URLs from unauthorized access. The Web server plug-in provides the bridge that allows you to define URL-type assets using Enterprise Security Manager, then map them to local Web addresses to provide protection to the document level.
The Web server plug-in is a shared library module that is loaded into the Web server to intercept HTTP requests to perform user authentication and access authorization as needed.
The plug-in consists of:
A connection manager – interfaces with EAServer to perform authentication and authorization. A successful connection creates a session object, which maintains the connection cache that stores active session information.
An asset cache manager – a cache that stores asset URLs. The cache is checked whenever a connection request is received to determine if the requested URL is unprotected. If the URL is not in the cache, the connection manager queries the ACDB before making the connection to determine what user authentication is required.
The plug-in also has a custom bean that instructs the asset connection manager to update the asset cache whenever a URL asset is created or updated in the ACDB. See Chapter 11, “Configuring the Web Server Plug-in” for instructions on configuring the plug-in.
