This appendix contains description of the Web.config parameters used by PortSight Secure Acces and their explanation:
Web.config parameters
| Parameter | Description |
|---|---|
|
SecureAccessConnectionString |
This is the default connection string to the Secure Acess database. Use it in the config file so that you don't have to set the connection string for each command manually. data source=<name of your SQL Server>;initial catalog=<name of the Secure Access database>;user id=<name of the database user>;password=<password of the database user> |
|
SecureAccessDefaultCulture |
Optional parameter. This is the default culture used for the Secure Access user interface. It specifies which culture will be used if user chooses the "default" culture as the preferred one. If it's not specified, "en-US" culture is used by default. The allowed values are culture codes used by .NET. You can find the list of cultures and their culture codes in the "My Settings" section or in the .NET Framework SDK documentation. |
|
SecureAccessParentFrameName |
Optional parameter. Name of the frame the Secure Access user interface is opened in. It is used when the logon form is displayed after user's authentication expires. You need to use it if you don't open Secure Access in a new window, but in a frame. It applies only to the Forms authentication. |
|
SecureAccessLicenseKey |
License key for Secure Access. |
| SecureAccessLogonMixedMode |
This parameter is aplicable only if used with Windows authentication. If set to true allows both Windows NT and Form Authentication, i.e. Windows authentication is preferred authentication mechanism but the user may explicitly invoke logon form and log in using Form authentication. Nevertheless this behaviour would be undesirable if the user accounts are imported from LDAP and thus their passwords are blank by default - this represents a security issue if an attacker guess someone's login name and misuse LogonForm.aspx to log in under this account without providing a password. Set the SecureAccessLogonMixedMode parameter to false if you use NT authentication and would like to disallow this behaviour. Default value if false. |
| SecureAccessLogonFormRedirectsTo |
The default URL the user is redirected to after a successful logon. It's used by the ARUILogonForm control. If no address is provided the user is redirected to the originally requested page. |
| SecureAccessTopRecords |
Number of top rows that will be displayed in grids and the left tree menu of the Web user interface. This parameter is useful if you work with huge number of records. If you don't provide this attribute, the default value is 1000. |
| SecureAccessVirtualPath |
Virtual path to Secure Access Web interface. This parameter is useful if you work with referenced Web interface to your project. If you don't provide this attribute, the default value is /SecureAccess/. |
| SecureAccessAES256EncryptionKey |
Encryption key in hexadecimal format used for AES256 encryption method. This value needn't be provided. If it's not provided, default value is used. |
| SecureAccessAES256InitializationVector |
Initialization vector in hexadecimal format for AES256 encryption method. This value needn't be provided. If it's not provided, default value is used. |
| SecureAccessAES256CipherStringFormat |
Format of encrypted passwords (applies to AES256 encryption). Possible values are: 1 - BASE64 2 - Hexadecimal |
| SecureAccessMinNumberOfSearchedCharacters |
Minimal number of characters of the searched expression when filtering a datagrid (or list of objects in the User Selection dialog). |