Differences
This shows you the differences between two versions of the page.
Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
blocks:server_configuration_file [2023-10-24 07:23] admin Added auth settings |
blocks:server_configuration_file [2023-10-24 08:05] admin [Configuration File Settings] |
#corsPath: /rest/script/invoke/* | #corsPath: /rest/script/invoke/* |
#corsAllowOrigin: "*" | #corsAllowOrigin: "*" |
#requireHttps: false # Uncomment and set to false or true to control this eplicitly | |
| |
applicationConnectors: | applicationConnectors: |
port: 8080 | port: 8080 |
| |
#auth: # Uncoment to control authorization settings explicitly, defaults shown here | #auth: # Uncoment to control authorization settings explicitly |
# servlet: | # servlet: |
# security: | # security: |
=== server: auth === | === server: auth === |
| |
Specifies advanced authentication and authorization options. In most cases, you don't need to specify these settings. Use only when specifically instructed to do so, e.g. for integration with single-sign-on systems such as [[blocks:sso:adfs|Active Directory]] or [[blocks:sso:okta|OKTA]]. | Specifies advanced authentication and authorization options. The settings shown above correspond to the defaults if no auth section is provided. In most cases, you don't need to specify these settings. If you specify the //internalForm// authorization method, a "Log Out" command will be added to Blocks' Page menu, allowing you to explicitly log out. The OidcClient setting allows for integration with single-sign-on systems such as [[blocks:sso:adfs|Active Directory]] or [[blocks:sso:okta|OKTA]]. |
| |
| :!: **IMPORTANT**: While the //internalForm// method provides log-out functionality, it also sends all authoriztion credentials, including your password, as clear text. The default //internalDigest// method, while not providing any log-out functionality, avoids sending your password as clear text. When using Blocks on publicly accessible networks, you're strongly advised to use and only allow [[blocks:server:nginx|encrypted connection#https_domain_name_and_certificate]] (HTTPS) for all editing operations. |
==== Top level tftp item ==== | ==== Top level tftp item ==== |
Specifies options for the built-in TFTP-server. This is intended for [[blocks:server:pxe-boot|network booting]] of PIXILAB Player. It accepts the following options: | Specifies options for the built-in TFTP-server. This is intended for [[blocks:server:pxe-boot|network booting]] of PIXILAB Player. It accepts the following options: |