This chapter describes how to create and manage your Secure Access catalogs (user databases) using the Secure Access Catalog Manager. You can run this application from the Start menu -> All Programs -> PortSight Secure Access by clicking the Secure Access Catalog Manager icon.
Secure Access Catalog Manager stores the passwords you enter in the "catalogs.xml" file. This is actually an encrypted file containing XML data about the registered catalogs. The encryption mechanism is not very strong since the encryption key can be found in the Catalog Manager code after disassembling. You should allow only administrators to access this file.
Secure Access Catalog Manager distributes the passwords (database connection string) into Web.config files in a non-encrypted form, which is a common way most developers are used to. Thus, you should allow only administrators and developers to access this file. If you use default ASP.NET settings, the Web.config files cannot be downloaded from your Web site by visitors. If you fulfill both of these conditions, storing passwords not encrypted is not a security flaw.
This chapter covers following topics:
Creating a new user catalog using the Catalog Manager - before you start using Secure Access you need to deploy at least one Secure Access catalog. This chapter explains how to do it.
Registering an existing catalog - you can register an existing Secure Access catalog into the Catalog Manager. This chapter explains how to do it.
Unregistering a Catalog - describes how to unregister a catalog from the Secure Access Catalog Manager.Modifying catalog properties - this chapter explains various options in the catalog properties.
Viewing Web-based user interface of the catalog - this chapter explains how to open the Web-based user interface from within the Catalog Manager.
Setting Up the Secure Access User Interface for Windows Authentication - Secure Access Web-based user interface is configured for forms authentication by default. In this chapter you can find step-by-step instructions how to set it up for using Windows authentication.
Full Version Registration - after you purchase PortSight Secure Access license, you need to enter the license key in the application. This chapter describes how to do it.
Running Secure Access on Web Farms - this chapter explains how to use Secure Access on Web Farms.