Enables you to configure session activity, enable single sign on, configure HSTS and input a vault specification for storing
secrets.
- Session Inactivity Timeout
- If a registered session makes no requests for longer than the timeout, the user will be required to login again.
- Session Limit
- The maximum number of open sessions that can be registered with
ESCWA.
- Enable Single Sign On for Unsecured Resources
- If this setting is enabled,
ESCWA will use the current user's credentials to sign on to Directory Servers and other external entities, even if they are not
TLS enabled. When disabled, this will only happen to TLS enabled resources.
Note: Micro Focus does not recommend using this option.
Encryption
- Enable HSTS
- HSTS is a security enhancement that prevents
ESCWA from being accessed over unencrypted connections.
ESCWA must be TLS enabled for this setting to be available. Once enabled, any other sites on this host will not be available unless
they are accessible via HTTPS. The setting only stops applying when the user has not accessed the site for the duration specified
in
HSTS Max Age field. Only once HSTS has timed out for all users can HSTS and TLS be safely disabled. You can set the
HSTS Max Age field to 0 to speed up this process.
Note: If enabled, the root certificate must be installed in the user's browser or they will not be able to access
ESCWA.
- HSTS Max Age
- Duration in second for
Enable HSTS timeout. See
Enable HSTS for more information.
- Vault Encryption Specification
- By default, all passwords using ESCWA will be encrypted. The
secrets.cfg file contains the specifications for these encryptions. A blank string in this field indicates the use of the default specification,
otherwise you can name a specification to use. See
Vault Facility for more information.
Active Sessions
Click
Active Sessions to open the
Active Sessions dialog box. This displays a table listing all the current active sessions along with the following session information:
- User
- Last Active
- Logon Time
- Client IP(s)
You can logoff users by clicking
Logoff icon on the row containing the required user.
Click
Refresh to refresh the display with the current active sessions.