(Access Manager 5.0 Service Pack 1 and later)
For security purposes, direct access to application.xml and extern/dist/lib/ files available in the nidp folder is restricted by default. You can remove the restriction by commenting the <security-constraint> tag in the web.xml file.
If you want to restrict access to any other file in the nidp folder, perform the following steps:
Open the Identity Server web.xml file.
For information about how to edit a file, see Modifying Configurations
in the NetIQ Access Manager 5.0 Administration Guide.
Under the <security-constraint> tag, add <url-pattern> or <path of the file> that you want to hide from the direct access.
The following is an example snippet:
<security-constraint> <web-resource-collection> <web-resource-name>Include files</web-resource-name> <description>No direct access to include files.</description> <url-pattern>/application.xml</url-pattern> <url-pattern>/extern/dist/lib/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint /> </security-constraint>
Save the file.