This section allows configuring overall security settings for the application. You can enable/disable several security procedures, set a password policy, allow/deny uploading specific file types and configure time stamp server information on this page.
Details
SSL Options
This subsection allows setting SSL options.
Force SSL?
Forces connection to use SSL protocol. When checked all non-SSL connections (HTTP) are automatically redirected to SSL (HTTPS) connection.
Certificate Password
SSL certificate password. Not required if no SSL certificate is added.
Certificate
Copy/paste your certificate content into this area. The certificate must in PFX format and the password must be set.
For mobile devices please be sure that all certificate chain (SSL certificate and parent issuer certificates) are stored in PFX format. Otherwise some mobile devices cannot validate the SSL certificate and you may have some validation errors in device browser.
General Settings
Single Session
Restricts users to have only one session at a time. When this feature is enabled, users can not log into the application from more than one computer at the same time.
Use Session Cookie
Specify whether the session cookie is used or not.
By default, emakin uses local storage and cookies at the same time to prevent XSS and CSRF attacks. Both of these tokens must be in correlation to ensure the session is valid.
Some browsers (especially do-not-track mode) may reject storing any kind of cookie for privacy concerns. When this mode, emakin logins may fail. Enabling this setting disables all cookie usages and all session information is stored in the browser’s local storage area.
Login Token Expiration
Specifies the maximum duration for login tokens. These tokens are specially used for e-mail or integration-based authentications. After this period login token became invalid and cannot be used.
For example “I Forget Password” feature uses this duration and the generated e-mail authentication link will be valid for a given duration.
Bearer Token Expiration
Specifies the session duration. These tokens are used for session control and renewed automatically in the background if about the expire.
Authentication Storage
Specifies where to store generated bearer tokens in the browser.
Local Storage; Sessions are stored until the user is logged off or expires.
Session Storage; Sessions are terminated when the browser window is closed.
Audit Log
Retention Duration
Specifies the retention period for audit log entries stored in the database. Default value is 180 days.
Password Policy
Enforce a password policy for built-in authentication with Emakin login method.
Minimum Password Length
Specify the minimum password length required.
Minimum Upper Case (A..Z) Letters
Specify the minimum number of upper case letters required.
Minimum Numeric (0..9) Letters
Specify the minimum number of numeric letters required.
Minimum Lower Case (a..z) Letters
Specify the minimum number of lower case letters required.
Required Chars
Enter specific characters to be required in the password.
Files
Antivirus Service URL
Specifies the antivirus scanner service URL.
Currently only https://www.clamav.net/ is supported and example service url can be specified as “tcp://hostname:3310”
Allowed File Types
Allow/deny specific file types to control the file types uploaded into the application. Use this section carefully since adding any file types under these categories will respectively result in allowing/denying that added type and denying/allowing the rest of the file types.
Extension
Specify the extension of the file type you want to allow/deny.
Mime Type
Specify the mime type of the file type you want to allow/deny.
Time Stamping
This section allows setting timestamp server connection information to be used with e-signature applications (e.g. Kolay İmza).
TimeStamp Url
URL of the timestamp server.
Timestamp Server User
Username to authenticate with timestamp server.
Timestamp Server Password
Password to authenticate with timestamp server.