- Downloading & installing
- Editions
- Licensing and activation
- Welcome screen
- Scaling & Performance
- Import Data from Files
- File Deployment Options
- Automation Options
- Data Refresh Options
- Feature Matrix by Edition
- Reference
- Small Print
- Specifications
- Web Services Integration
- Maps & Coordinates
- Troubleshooting
- Miscellaneous
|
|
||||||||
HTTP authenticationHTTP authentication of Omniscope filesControlling file access with server authenticationHTTP authentication is part of the HTTP protocol and is a system for restricting access to a web resource (such as a page, set of pages or area, or a downloadable file). Authentication usually entails a pop up prompt for username and password, and should not be confused with a log-in page on a website where there is a username and password form on the page itself. HTTP URLs can be pre-encoded with the authentication information if needed, in the format "http://user:password@www.site.com/xyz"; if the credentials are incomplete or incorrect, the browser or application will prompt for username and password. Normally HTTP authentication will be used in conjunction with HTTPS (encrypted HTTP) for added security, although this is not mandatory. Omniscope supports options to use HTTP authentication to control access to data file in two ways; hosting and server permissioning. Hosting with HTTP authenticationOption 1: you can host your IOK files on a web server using HTTP authentication. If downloaded through the browser, the user will be prompted to enter their credentials before being able to download the file. This facility is provided by the browser and the web server. If Omniscope accesses a URL directly, such as through File > Open > Open from web, Omniscope will prompt the user directly for the username and password. Of more interest is the ability of a downloaded IOK file to be configured to refresh data from an online resource with HTTP authentication. For example, a locally saved IOK file containing a user's views and layouts is configured to refresh-on-open from an HTTP-authenticated source, such as another IOK file or a CSV file. On opening the local file, Omniscope requests a username and password and supplies these to the server. The server responds with the updated data, which may be tailored to that username. Omniscope then displays the updated data using the local file's views and layout. Server permissioningOption 2: you can configure your IOK file to use "server permissioning". If you've managed to download an IOK file, server permissioning (if configured) is a second check that Omniscope performs before allowing you to view and explore the file. This is an enterprise feature in 2.6+ configured using an option in the Save dialog. To configure, you must supply an arbitrary HTTP/HTTPS URL which requires authentication. On opening a server-permissioned IOK file, Omniscope prompts the user for the username and password for that URL. This allows you to restrict access to the IOK file according to the credentials required for the configured server page. It allows you to withdraw or change access rights after publishing your data. Additional security options: Owner-lockingWarning: server permissioning, like password-protecting a file, is a way of preventing unwanted users from opening a file. But once the file has been successfully opened, a licensed Omniscope user can save the file with these checks removed. These checks are only a way of preventing users from getting "in the door". If you cannot trust your users not to extract and misuse your data once they have the file open, then you must also owner-lock the file. This setting is also available in the Save dialog.
|