Spotfire Server Security Configuration and Administration Activities
This table provides information about configuration activities, security settings, and links into the documentation and community site.
| Activity | Description or references |
|---|---|
| Setting LDAP - LDAP over TLS | Configuring LDAPS. In an LDAP environment, where the Spotfire system communicates with an LDAP directory server, administrators often secure the LDAP protocol using TLS, if the LDAP directory supports this. See Authentication towards LDAP. |
| LDAP - SASL authentication | Spotfire Server supports two Simple Authentication Socket Layer (SASL) mechanisms for authentication towards LDAP: DIGEST-MD5 and GSSAPI. See Authentication towards LDAP. |
| HTTP - Security headers | See Security HTTP headers. |
| Apache Ignite - TLS (Spotfire server clustering communication) | Default: Enabled. TLS can be disabled or enabled. See config-cluster --secure-transport=<true|false>. |
| Session handling - Persistent sessions | Default: Enabled. See config-persistent-sessions for information on configuring persistent sessions for browser clients. |
| "Remember me" in Spotfire Analyst | Default: Enabled. See config-login-dialog --allow-remember-me. Controls whether a user can select to store the log in information for future automatic login, or if he or she must always provide username and password when logging in. |
| Session handling - Timeouts | Default: 30 minutes (session), 24 hours (absolute). See Absolute session timeout and idle session timeout for more information. |
| Backend communication - Auto-trust | Default: Disabled - If enabled, node managers are automatically trusted by the server cluster. See Automatically trusting new nodes for more information. |
| Cross-site request forgery (CSRF) - Public web services | See config-csrf-protection for more information. |
| Configure Spotfire server database security | See the following help topics for more information. |
| Upgrade Java | See Upgrade Java for Spotfire Server 7.5 and later on community.tibo.com. |
| Upgrade Tomcat | See Upgrade Apache Tomcat for Spotfire Server 7.5 and later on community.tibco.com. |
| Upgrade Spring | See Upgrade Spring for Spotfire Server 7.5 and later on community.tibco.com. |
| HTTPS (TLS over HTTP) for front end port | See HTTPS (TLS over HTTP) for Front End Port. |
| JMX Security | JMX Security |
| Configure Encryption password | The encryption password is used to encrypt service account passwords stored in Spotfire database. If not set, a static password is used. See config-encryption for more information. |