Enportal/5.5/admin/system administration/System Settings: Difference between revisions
imported>Doug yeager |
imported>Doug yeager |
||
Line 92: | Line 92: | ||
=== LDAP Password Policy === | === LDAP and Password Policy === | ||
<br> | <br> | ||
When the portal system is backed by an external LDAP; the password policy settings should mirror those defined in your LDAP system. In some cases you will need to configure domain specific policy rules. | When the portal system is backed by an external LDAP; the password policy settings should mirror those defined in your LDAP system. In some cases you will need to configure domain specific policy rules. |
Revision as of 17:29, 29 September 2014
The system is installed with pre-defined settings for both login page and look and feel (LAF) and without a password policy in place. Through the Advanced Tab -> System Settings, administrators can assign a system login page and system LAF that will override the default out of the box settings as well as creating a system password policy.
System Login Page
System Login Page
The system login page is the page that all users will see when they first access the system.
Assigning a System Login Page
Perform the following steps to assign a system login page.
- Log in to enPortal as an administrator.
- Mouse over the Advanced tab and then System Settings and click on System Login Page.
- In the input field, enter the subdirectory (if applicable) and the file name for the login page you would like to use. The relative directory for this field is [INSTALL_HOME]/server/webapps/enportal/login_pages/.
- Click the Save button.
- Logout of the portal and confirm that the correct login page is displayed.
How to disable 'GET' login requests
To improve security administrators may want to disable the ability to pass login information over HTTP GET requests. Perform the following steps to disable GET Login requests:
- Edit the file: server\webapps\enportal\WEB-INF\config\custom.properties
- Add the line: dispatch.loginPostOnly=true
- Restart the enportal process.
Look and Feel
You can specify a default system look and feel (LAF) so that the appropriate LAF is displayed when a user logs in.
A default LAF can also be assigned to a role, domain, or user.
Order of Precedence
The order of precedence for LAF assignments is as follows:
This means that when an user logs in, the system determines if an LAF has been assigned to the role, then it displays the the LAF assigned to the role. If there is no LAF assigned to the role, then it displays the LAF assigned to the user, and if there is no assignment, it checks the domain and then the system.
Assigning a System Look and Feel
Perform the following steps to assign a system look and feel (LAF).
- Log in to enPortal as an administrator. (Non-administrative users are not allowed to set the System LAF.)
- Mouse over the Advanced tab and then System Settings and click on System LAF.
- Select the desired LAF from the drop-down box.
- Click the Save button.
- Refresh the browser page and confirm that the correct LAF is displayed assuming no LAF is assigned to administrator user, role, or domain directly.
System Password Policy
System Password Policy
The setting in the system password policy will affect all users in the portal system and in external LDAP. When setting the policy for LDAP users, it is strongly recommended that the system policy matches that of LDAP because most of the LDAPs do not give good error messages when user's password failed its policy.
Assigning a System Password Policy
Perform the following steps to assign a system password policy.
- Log in to enPortal as an administrator.
- Mouse over the Advanced tab and then System Settings and click on System Password Policy.
- Make the desired changes in the three sections: Password, Syntax, and Lockout
- Click the Save button.
- Confirm that the correct policy is applied by changing a test user's password.
LDAP and Password Policy
When the portal system is backed by an external LDAP; the password policy settings should mirror those defined in your LDAP system. In some cases you will need to configure domain specific policy rules.
Add the following lines to server/webapps/enportal/WEB-INF/config/custom.properties if your LDAP Server does not support Policy controls:
ldap.policyControlSupported=false