Other Settings tab, you configure optional
The following options are available
(depending on your current selections on the
- Re-authenticate from outside URL
Select this check box if you want to require users to
re-authenticate after leaving the system and visiting another Web site. For
example, a user logs in to
SBM, and then visits http://www.MyFavoritePage.com. If the user
then tries to use the
back button to return to
SBM, the user
is prompted to log in again.
- This also applies to pages within
SBM if users enter an
SBM URL directly into the address box or if users click the
Refresh button on the browser. However, if users click a
link or button on an
SBM page that takes them to another
SBM URL, they will not have to log in again.
- This setting cannot be used in combination with the
Single Sign-On (SSO)
gathers user credentials differently. You must use
Session Cookies and either internal
passwords or LDAP authentication with for re-authentication to occur. (SBM
Session Cookies are required because this is how user credentials are
gathered for the re-authentication process).
- If you are using LDAP authentication, users are automatically
logged back in to
SBM when the
Re-authenticate from outside URL option is
selected; however, the
User session time-out setting can be
configured to force users to re-authenticate if they have not actively used the
system for a specified number of minutes.
- Disable users after failed login attempts
Select this check box to disable accounts of users who fail to
correctly authenticate after a specified number of login attempts. Set the
number of login attempts between 1 and 10. After users exceed this number of
attempts, their accounts are disabled and must be re-enabled by an
- User accounts can be re-enabled in
SBM Application Administrator.
- This feature is only available if users are validated against the
database or LDAP.
- External Access
If you want users to access
logging in to your network domain, or if they are not stored in LDAP, enter the
name of an application in IIS that uses anonymous authentication in the
External Virtual Directory Name box. You will need to manually
create this application in IIS, and ensure that it can execute ISAPI extensions
(enabled via Handler Mappings in IIS 7).
Note: If you add an external application in
IIS, you must manually configure the application's native modules and select
ModSecurity IIS module to enable the same level
of threat detection and prevention that is configured on the default
- You must add the following MIME types to the new application that
you create in IIS:
- File name extension: .properties | MIME type: text/plain
- File name extension: .woff | MIME type:
- File name extension: .appcache | MIME type:
- If users are validated against your Windows Domain, this option
sets up two authentication methods for your system:
Windows Authentication for internal users and validation
Database for other users.
- If users are validated against LDAP, this option sets up two
authentication methods for your system:
LDAP authentication and
Database for non-LDAP users.
- If you plan to use the e-mail response feature in
Windows Authentication, you must specify an application in
IIS with anonymous authentication. For more information, refer to
Notification Server Options.
- Select the check box in this section to restrict access so that
only external users can access
this anonymous application. External users are authenticated with their
which must be at least six characters in length.
Note: You configure external access for users, not administrators or
is not accessible externally, which means administrators cannot log in to
or access the repository using
from outside the domain; however,
SBM Application Administrator
can be accessed externally for administrators who need to manage users and
Copyright © 2007–2019 Micro Focus or one of its affiliates. All rights reserved.