Locking Down Web3

Top Previous Next

When the Web3 Platform is first installed, the security database is pre-configured with an entry that grants full privileges to the Anonymous user. We recommend that immediately after installation you perform the following steps to lock down the Web3 Platform server. The steps below show the Powershell commands that can be used to lock down the server. However, you may need to slightly alter these if you are not running PowerShell on the machine where the Web3 server is installed or if you have configured the storeId for either the Topic Map Store or Schema Store. For more information on the Powershell commands please refer to the section Granting and Revoking Permissions and to the Powershell Cmdlets Reference.

1.	Load the Web3Admin Snap-In Add-PSSnapin Web3Admin

2.	Grant full privileges to the administrator user on both the Topic Map Store and the Schema Store (replacing DOMAIN\USER with the administrator's domain and user name). Grant-StorePermission http://localhost/web3 ACJ DOMAIN\USER

3.	Revoke all privileges from the Anonymous user Grant-StorePermission http://localhost/web3 N Anonymous

After this you may use the procedures outlined in Granting and Revoking Permissions to extend permissions to other users or groups.

Note: if you perform this lock-down procedure after creating topic maps you may also need to update the permissions for each topic map as outlined in Granting and Revoking Permissions.