Page History
...
If any problem occurs with authorization or authentication you can use the audit.log to trace and find the cause.
Secure the administration page
By default the administration page is not secured, which means that any user that can access the environment on which Studio or the Runtime is located can also access the administration page. A user can download/upload the repository through the administration page, so you might want to allow only specific users to access this page.
To achieve this you have two possibilities:
- You can secure the administration page through Studio.
- You can restrict the administration page to all Studio users.
IIS
First open the Internet Information Services (IIS) Manager from the Start menu on the machine where Blueriq is installed.
Browse to the administration site by expanding the tree on the left as shown below and double click Authentication.
By default IIS allows Anonymous access to the site.
Disable Anonymous Authentication and enable Basic Authentication by right clicking the appropriate authentication and choosing enable/disable.
Now when you browse to the administration page, a popup will be shown asking for credentials. But first we must specify which users and/or groups can access the administration page.
To do this, first return to the administration site and select authorization rules.
Please note: if you do not see authorization rules as shown below, you must first enable this feature in IIS.
By default all users have access.
Remove the entry allowing all users access by right-clicking on it and choosing remove. Then you can add a new Allow rule by right-clicking. Here you can specify users or groups from both the local machine or the active directory if the machine is part of a domain.
Please note that this is not related to the authentication you have chosen for the Studio. So for example you can configure the Studio with one of the NTLM modes to authenticate against active directory, while you can secure the administration page with a local user on the machine.
Studio users
Another way to restrict the administration page, is by restricting it to all Studio users. This relies on the authorization mechanism that Studio uses. To configure this, you have to change the configuration of the administration page. This can be found in the [Blueriq installation directory]\Studio\wwwroot\Administration\Web.config
file.
The administration page uses a connection to the management service. This connection requires a username and password, which by default is set during the installation of Blueriq:
Code Block | ||
---|---|---|
| ||
<managementservice>
<connection url="http://localhost:8095/Services/ManagementService" user="administrationpage" password="administrationpage"/>
</managementservice> |
If the user and password in this configuration is cleared, the administration page will prompt for authorization when accessed. When the username and password of a Studio user is entered, the administration page will be shown.
UI Text Box | |||||
---|---|---|---|---|---|
| |||||
Please note that the
|
Data storage
Anchor | ||||
---|---|---|---|---|
|
...