27 Oct
2014
27 Oct
'14
12:04 p.m.
Net Warrior wrote:
Based on the the ACL's I posted from my configuration, what else can you recommend to include, tweak or modify?
I did not have a closer look at your ACLs.
ACL design depends very much on *your* requirements and system landscape. For example I've designed the system which does not allow any anonymous access and authorizes on a paranoid need-to-know principle.
The problem is: If you allowed anonymous access in the past it's usually hard to turn on authentication and authorization for all your existing applications.
All in all it's your homework.
Ciao, Michael.