Installation guide
search

Security

Security

The first properties that we need to specify (and the most important ones) are the security properties. In this section, there are three properties:

  • Security/engine
  • Security/authentication
  • Security/cors/domain

screen-shot-2016-12-08-at-16-48-23

The first two ones will determine the type of engine (and consequently authentication method) to use for the authentication, and it will depend on the packages deployed in the server. The last one, will mark specific URL's as "saved", in order to avoid possible CORS domain in the client side.

A detailed explanation of the properties and its possible values can be seen in the table below

Property Description Since

Security/engine

 This property determines the type of engine to use for the authentication. The possible values are:

  • MSMAuthentication –activates the authentication mechanism in the Web Player through the old Match Security Manager. This means that the users will be managed by Match on the configuration page.
  • LDAPAuthentication –activates the authentication mechanism in the Web Player through the LDAP mechanism. This implies that companies will have to handle the users internally and configure properly the MWEP in order to grant them access to it.
  • None - if this option is selected, there won't be a security mechanism, so the application will be public and all the content will be available for everyone.
 2.2.0
Security/authentication This properties specifies the type of authentication inside the engine. In case that "None" was selected as engine type, this property will be omitted.

  • Enabled –activates the authentication mechanism in the Web Player. Users will be requested to login before they can consult knowledge bases or make configuration changes. Public KBAs won't be accessible unless the users are authenticated
  • Disabled –disables authentication in the Web Player. Access to the Web Player is granted to everyone. This means that anyone can consult knowledge bases and make changes to the player configuration via the Configuration Manager
  • Consultation Only –activates the authentication mechanism for the Configuration Manager within the Web Player and all the consultation of RESTRICTED KBAs. All the KBAs that are PUBLIC are accessible without an authentication mechanism in the Web Player.

The “consultationOnly” just enable the extensions for usage in the Web Player. Additional configuration per KBA for the extensions is required.

 2.2.0
rest.cors.allowedDomains list of domains accepted for CORS  2.2.0

When the main properties have been selected, extra security properties will appear for the specific engines(see MSM properties and LDAP properties). Once all the properties have been set up, pressing the button "Save" will automatically save all the changes and load the security profile selected.

If a higher security level have been enabled (for instance from a non-security configuration to a security one), the user will need to log in for continuing with the changes in the properties, and only the correct profile will be able to do it.