Spotfire Server Security Configuration and Administration Activities
This table provides information about configuration activities, security settings, and links into the documentation and community site.
| Activity | Description or references |
|---|---|
| "Remember me" in Spotfire Analyst | Default: Enabled. See config-login-dialog --allow-remember-me. Controls whether users can select to store the log in information for future automatic login, or if they must always provide username and password when logging in. |
| Apache Ignite - TLS (Spotfire server clustering communication) | Default: Enabled. TLS can be disabled or enabled. See config-cluster --secure-transport=<true|false>. |
| Backend communication - Auto-trust | Default: Disabled - If enabled, node managers are automatically trusted by the server cluster. See Automatically trusting new nodes for more information. |
| Configure Encryption password | The encryption password is used to encrypt service account passwords stored in the Spotfire database. If not set, a static password is used. See config-encryption for more information. |
| Configure Spotfire server database security | See the following help topics for more information. |
| Cross-site request forgery (CSRF) - Public web services | See config-csrf-protection for more information. |
| HTTP - Security headers | See Security HTTP headers. |
| HTTPS (TLS over HTTP) for front end port | See HTTPS (TLS over HTTP) for Front End Port. |
| JMX Security | JMX Security |
| LDAP - SASL authentication | Spotfire Server supports two Simple Authentication Socket Layer (SASL) mechanisms for authentication towards LDAP: DIGEST-MD5 and GSSAPI. See Authentication towards LDAP. |
| Session handling - Maximum concurrent sessions | Default: unlimited. See Managing active user sessions for information on configuring a limited number of active sessions for named users and guest (anonymous) users. See also Session Management. |
| Session handling - Persistent sessions | Default: Enabled. See config-persistent-sessions for information on configuring persistent sessions for browser clients. See also Session Management. |
| Session handling - Timeouts | Default: 30 minutes (session), 24 hours (absolute). See Absolute session timeout and idle session timeout for more information. See also Session Management. |
| Setting LDAP - LDAP over TLS | Configuring LDAPS. In an LDAP environment, where the Spotfire system communicates with an LDAP directory server, administrators often secure the LDAP protocol using TLS, if the LDAP directory supports this. See Authentication towards LDAP. |
| Upgrade Java | If desired, you can manually upgrade Java. See Switching to another Java Development Kit for the Spotfire Server for more information. |
| Upgrade Spring | See Upgrade Spring for Spotfire Server 7.5 and later on the Community. |
| Upgrade Tomcat | See Upgrade Apache Tomcat for Spotfire Server 7.5 and later on the Community. |