Universal Messaging 10.11 | Administration Guide | Universal Messaging Enterprise Manager | Using ACLs for Role-Based Security | About Interface VIA Lists
 
About Interface VIA Lists
 
Managing Interface VIA Lists
Each interface defined on a Universal Messaging realm server can have an associated ACL list, known as a VIA list. The VIA list enables you to define users who can connect to the Universal Messaging realm using a specific protocol via a specific interface.
For example, if a realm has an HTTP (nhp) interface running on port 10000 and a sockets (nsp) interface running on port 15000, and you want all external clients to connect using the nhp interface, and all internal clients to connect using the nsp interface, you can create separate lists of subjects (username and host pairs) associated with the nhp and nsp interfaces.
This ensures that any user who tries to connect using the nsp interface, who is not part of the nsp interface VIA list, but exists in the nhp VIA list, will be rejected and will not be able to establish a connection via nsp. The same applies for the nhp interface. This enables you to tie specific users to specific interfaces.
The default behavior for all interfaces is that when no VIA lists exist on any defined interfaces, all users can connect on any interface. When a user subject exists on an interface, that subject cannot use any other interface other than the one in which they are listed.
VIA lists offer an extra level of security that enables server administrators to define a strict approach to who can connect to the realm via specific protocols. This is particularly useful if, for example, you run many services on a single Universal Messaging realm and want to ensure that specific clients or groups of clients use completely separate interfaces.