PortSight Secure Access Documentation

Appendix B - Web.config Parameters


This appendix contains description of the Web.config parameters used by PortSight Secure Acces and their explanation:


Web.config parameters


Parameter Description


This is the default connection string to the Secure Acess database. Use it in the config file so that you don't have to set the connection string for each command manually.

Value syntax:

data source=<name of your SQL Server>;initial catalog=<name of the Secure Access database>;user id=<name of the database user>;password=<password of the database user>

Sample value:

<add key="SecureAccessConnectionString" value="data source=localhost;initial catalog=SecureAccess;user id=portsight;password=p0s7ight*x;" />												


Optional parameter.

This is the default culture used for the Secure Access user interface. It specifies which culture will be used if user chooses the "default" culture as the preferred one. If it's not specified, "en-US" culture is used by default.

Value syntax:

The allowed values are culture codes used by .NET. You can find the list of cultures and their culture codes in the "My Settings" section or in the .NET Framework SDK documentation.

Sample value:

<add key="SecureAccessDefaultCulture" value="en-US" />								


Optional parameter.

Name of the frame the Secure Access user interface is opened in. It is used when the logon form is displayed after user's authentication expires. You need to use it if you don't open Secure Access in a new window, but in a frame. It applies only to the Forms authentication.

Value syntax:

Enter the name of the frame as you use it in the frameset.

Sample value:

<add key="SecureAccessParentFrameName" value="details" />												


License key for Secure Access.

Value syntax:

Enter the license key you received after purchasing Secure Access.

Sample value:

<add key="SecureAccessLicenseKey" value="XXXX-XXXX-XXXX-XXXX" />												


This parameter is aplicable only if used with Windows authentication.  If set to true allows both Windows NT and Form Authentication, i.e. Windows authentication is preferred authentication mechanism but the user may explicitly invoke logon form and log in using Form authentication. Nevertheless this behaviour would be undesirable if the user accounts are imported from LDAP and thus their passwords are blank by default - this represents a security issue if an attacker guess someone's login name and misuse LogonForm.aspx to log in under this account without providing a password. Set the SecureAccessLogonMixedMode parameter to false if you use NT authentication and would like to disallow this behaviour. Default value if false.

Value syntax:

boolean value (true or false)

Sample value:

<add key="SecureAccessLogonMixedMode" value="true" />												



The default URL the user is redirected to after a successful logon. It's used by the ARUILogonForm control. 

If no address is provided the user is redirected to the originally requested page.

Value syntax:

Enter the URL.

Sample value:

<add key="SecureAccessLogonFormRedirectsTo" value="main.aspx" />												


Number of top rows that will be displayed in grids and the left tree menu of the Web user interface. This parameter is useful if you work with huge number of records. If you don't provide this attribute, the default value is 1000.

Value syntax:

integer value 

Sample value:

<add key="SecureAccessTopRecords" value="5000" />												


Virtual path to Secure Access Web interface. This parameter is useful if you work with referenced Web interface to your project. If you don't provide this attribute, the default value is /SecureAccess/.

Value syntax:

string value 

Sample value:

<add key="SecureAccessVirtualPath" value="/SecureAccess/" />												


Encryption key in hexadecimal format used for AES256 encryption method. This value needn't be provided. If it's not provided, default value is used.

Sample value:

<add key="SecureAccessAES256EncryptionKey" value="167DFE483D1B456544DEE6C0341228D6B31BD3E8D2723F8AD2964856561B6B3C" />												


Initialization vector in hexadecimal format for AES256 encryption method. This value needn't be provided. If it's not provided, default value is used.

Sample value:

<add key="SecureAccessAES256InitializationVector" value="23352540367621603D2A5F3C682F6631" />												


Format of encrypted passwords (applies to AES256 encryption).

Possible values are:

1 - BASE64

2 - Hexadecimal

Sample value:

<add key="SecureAccessAES256CipherStringFormat" value="2" />												


Minimal number of characters of the searched expression when filtering a datagrid (or list of objects in the User Selection dialog).

Sample value:

<add key="SecureAccessMinNumberOfSearchedCharacters" value="2" />