In the
Other Settings tab, you configure optional
authentication settings.
The following options are available
(depending on your current selections on the
General tab:
- Re-authenticate from outside URL
Select this check box if you want to require users to
re-authenticate after leaving the system and visiting another Web site. For
example, a user logs in to
SBM, and then visits http://www.MyFavoritePage.com. If the user
then tries to use the
back button to return to
SBM, the user
is prompted to log in again.
- This also applies to pages within
SBM if users enter an
SBM URL directly into the address box or if users click the
Refresh button on the browser. However, if users click a
link or button on an
SBM page that takes them to another
SBM URL, they will not have to log in again.
- This setting cannot be used in combination with the
Single Sign-On (SSO)
because
SSO
gathers user credentials differently. You must use
SBM
Session Cookies and either internal
SBM
passwords or LDAP authentication with for re-authentication to occur. (SBM
Session Cookies are required because this is how user credentials are
gathered for the re-authentication process).
- If you are using LDAP authentication, users are automatically
logged back in to
SBM when the
Re-authenticate from outside URL option is
selected; however, the
User session time-out setting can be
configured to force users to re-authenticate if they have not actively used the
system for a specified number of minutes.
- Disable users after failed login attempts
Select this check box to disable accounts of users who fail to
correctly authenticate after a specified number of login attempts. Set the
number of login attempts between 1 and 10. After users exceed this number of
attempts, their accounts are disabled and must be re-enabled by an
administrator.
- User accounts can be re-enabled in
SBM Application Administrator.
- This feature is only available if users are validated against the
internal
SBM
database or LDAP.
- External Access
If you want users to access
SBM without
logging in to your network domain, or if they are not stored in LDAP, enter the
name of an application in IIS that uses anonymous authentication in the
External Virtual Directory Name box. You will need to manually
create this application in IIS, and ensure that it can execute ISAPI extensions
(enabled via Handler Mappings in IIS 7).
Note: If you add an external application in
IIS, you must manually configure the application's native modules and select
the
ModSecurity IIS module to enable the same level
of threat detection and prevention that is configured on the default
SBM
applications.
- You must add the following MIME types to the new application that
you create in IIS:
- File name extension: .properties | MIME type: text/plain
- File name extension: .woff | MIME type:
application/font-woff
- File name extension: .appcache | MIME type:
text/cache-manifest
- If users are validated against your Windows Domain, this option
sets up two authentication methods for your system:
Windows Authentication for internal users and validation
against the
Internal
SBM
Database for other users.
- If users are validated against LDAP, this option sets up two
authentication methods for your system:
LDAP authentication and
Internal
SBM
Database for non-LDAP users.
- If you plan to use the e-mail response feature in
SBM with
Windows Authentication, you must specify an application in
IIS with anonymous authentication. For more information, refer to
Notification Server Options.
- Select the check box in this section to restrict access so that
only external users can access
SBM through
this anonymous application. External users are authenticated with their
SBM passwords,
which must be at least six characters in length.
Note: You configure external access for users, not administrators or
designers.
SBM Application
Repository
is not accessible externally, which means administrators cannot log in to
SBM Application
Repository
or access the repository using
SBM Composer
from outside the domain; however,
SBM Application Administrator
can be accessed externally for administrators who need to manage users and
projects.
Copyright © 2007–2019 Micro Focus or one of its affiliates. All rights reserved.