Security
The following configuration parameter applies
to security.
Parameter |
Description |
SecurityMode |
This setting determines
which pages will use SSL encryption. You must install a digital certificate
and enable SSL on your Web server before changing the default value
of 0. Note: Changing the security mode affects the URL Mapping. For
more information, see Appendix A, “Configuring Advanced Properties
and Logging.”???
0: The portal does not check the security of incoming requests.
In mode 0, ApplicationURL0 and SecureApplicationURL0 may be equal
to “*”. In this case, the Application Base URL will be the base URL
from the Request object.
1: Selected pages that involve sensitive information such as
passwords use SSL, while other pages are sent unencrypted for better
performance.
Only pages of Activity Spaces listed in SecureActivitySpaces.xml
(which is located in the same folder as portalconfig.xml) are sent
through HTTPS.
The portal verifies that links and redirections
to Secure Activity Spaces uses HTTPS. If a secure Activity Space were
requested through a non-secure URL, the portal would redirect the
same request to HTTPS.
If XPRequest.GetRequestURL() is equal
to URLFromRequest0, ApplicationURL0 and SecureApplicationURL0 might
both be the Application Base URL, depending on the security of the
Activity Space.
You must install a digital certificate and enable
SSL on your Web server.
2: Every page uses SSL.The portal verifies that every single
incoming request uses HTTPS. If it does not, the portal will redirect
this request to HTTPS. This setting is best for very secure applications
where performance is not a major concern.
If the URL from the
Request object is equal to URLFromRequest0, SecureApplicationURL0
will be the Application Base URL.
URLFromRequest0 has to be
equal to “*”. This is the default entry. It will be used if no mapping
entry matched the URL from the Request object.
You must install
a digital certificate and enable SSL on your Web server.
3: Select this mode if you are using an SSL Accelerator. Because
the portal is behind an SSL Accelerator, the security of the incoming
requests is not verified. The portal trusts every request from the
SSL Accelerator. All the links and redirections are in HTTPS.
If URL from the Request object is equal to URLFromRequest0, SecureApplicationURL0
will be the Application Base URL.
URLFromRequest0 has to be
equal to “*”. This is the default entry. It will be used if no mapping
entry matched the URL from the Request object.
You must install
a digital certificate and enable SSL on your Web server.
|