Security Settings

Enables you to configure session activity, enable single sign on, configure HSTS and input a vault specification for storing secrets.
Session Inactivity Timeout
If a registered session makes no requests for longer than the timeout, the user will be required to login again.
Session Limit
The maximum number of open sessions that can be registered with ESCWA.
Single Sign-On Behavior
This specifies the single sign-on behavior:
Disabled
Disables all single sign-on behavior including live enterprise server region.
Only Secure and Loopback
Single sign-on will be enabled for secured and localhost resources.
Allow Insecure (All)
Single sign-on will be enabled globally.
Password Change Enabled
Check this to enable users to change their password when they log on to ESCWA.
Show Default Security Warning on Log On
Check this to display information about default security when logging onto ESCWA.

Encryption

Enable HSTS
HSTS is a security enhancement that prevents ESCWA from being accessed over unencrypted connections. ESCWA must be TLS enabled for this setting to be available. Once enabled, any other sites on this host will not be available unless they are accessible via HTTPS. The setting only stops applying when the user has not accessed the site for the duration specified in HSTS Max Age field. Only once HSTS has timed out for all users can HSTS and TLS be safely disabled. You can set the HSTS Max Age field to 0 to speed up this process.
Note: If enabled, the root certificate must be installed in the user's browser or they will not be able to access ESCWA.
HSTS Max Age
Duration in second for Enable HSTS timeout. See Enable HSTS for more information.
Vault Encryption Specification
By default, all passwords using ESCWA will be encrypted. The secrets.cfg file contains the specifications for these encryptions. A blank string in this field indicates the use of the default specification, otherwise you can name a specification to use. See Vault Facility for more information.

Active Sessions

Click Active Sessions to open the Active Sessions dialog box. This displays a table listing all the current active sessions along with the following session information:

  • User
  • Last Active
  • Logon Time
  • Client IP(s)

You can logoff users by clicking Logoff icon on the row containing the required user.

Click Refresh to refresh the display with the current active sessions.

Parent topic: Enterprise Server Administration Configuration
Related reference
Vault Facility