Skip to main content

Security Settings

Clicking the Security settings tab in Site Manager enables an Administrator to enter settings for various security categories. Clicking the drop-down arrow at the top of the Security settings page shows options for Direct linking, Forgot my password, Make JICS SAML provider, Additional authentication settings, and Developer settings categories.

Selecting a category option displays settings for that category. Any setting changes in these categories must be saved for them to be implemented. The key used by FWK_ConfigSettings for each parameter is indicated in [square brackets] in the bulleted list following the screenshot.

Security settings page with Direct linking option selected

  • Direct linking—If the Allow direct linking to portlets setting is turned On, it will make portlets directly linkable in a browser with no other navigation. This will also make a tab available from the portlet wrench icon that gives sample direct linking URLs. [AllowDirectPortletLinking].

    For more details, refer to Activate or Deactivate Direct-Link Functionality.

    If the Show login setting is turned On, it will display a login link on directly linked pages and portlets when no one is logged in. [ShowLoginLink].

    For more details, refer to Show a Login Link for Directly Linked Features.

  • Forgot my password—This feature allows users who have forgotten their password to request a reset link. Note that the link will only be sent if password changes are allowed in Authentication Settings. For more details, refer to Activate the ‘I Forgot My Password’ Feature.

  • Make JICS SAML provider—This setting determines whether the SAML identity provider functionality is enabled. By default, the identity provider authentication page is located at your portal address (in Site settings)/ICS/staticpages/saml/identityprovider/response.aspx. This page should be secured with SSL. [AllowSamlAuthentication]

    For more details, refer to Using JICS as a SAML Provider.

  • Additional authentication settings—The following settings are shown for this category:

    • Allow email login—This setting determines whether users are allowed to log in with their email addresses. This doesn't apply to SAML authentication. [UseEmailForLogin]

      For more details, refer to Allow Users to Log in with Their Email Addresses.

    • Two-factor authentication type—This setting enables different types of two-factor authentication. Options are None (default), Duo, or Custom. Selecting Duo will require having an account with the vendor. [TwoFactorAuthType]

      For more details, refer to Two-Factor Authentication.

  • Developer settings—The Enable verbose error screens setting will determine what users see when a code-related error occurs in the application. If verbose error screens are turned Off (default setting), then a user-friendly error message will be displayed when a code-related error occurs. This setting is more appropriate for production environments. Otherwise, the user will see a verbose error message that includes information about the exception's stack trace, the server, and the ASP.NET version. 

    Warning

    For security reasons, it is highly recommended that this setting remain "Off" for public-facing servers. It should be set to "On" only for servers that are used for testing or development.

    Note

    Note that pressing the Save button on the Developer settings screen will trigger a server reset in order to apply the changes on your web server(s). All users will remain logged on, but they may experience a slight delay in activity. This page may also take more time than usual to refresh.