Configure Web Browser Session Settings

HID_Security_BrowserSecurity
You can configure the settings that control the directives that
NetOps Portal
uses when it communicates with web browsers using
NetOps Portal
. You can also configure them using the Single Sign-On Configuration (SSOConfig) tool. This article details how to configure them using
NetOps Portal
.
For more information about how to configure these settings using SSOConfig, see Configure Web Browser Session Settings Using the SSO Configuration Tool.
Follow these steps:
  1. Log in as a user with administrative role rights.
  2. Hover over
    Administration
    ,
    Configuration Settings
    , and then click
    Security Settings
    .
    The
    Security Settings
    page appears.
  3. In the
    Web Browser Session Management
    section, complete the following fields:
    • A user can have only one active browser session (other browser sessions are automatically logged out)
      Determines whether a user can have multiple concurrent sessions open from web browsers at the same time.
      Options:
      • Disabled:
        When users establish a new browser session, other open browser sessions remain open (their login remains active).
      • Enabled:
        When users establish a new browser session, they are logged out of any other sessions they have open (and must log in again in that session).
      Default:
      Enabled
      The guidelines do not require you enable this setting.
    • Browsers use base tags to control relative URLs (might interfere with reverse proxies)
      Determines whether to add base tags to
      NetOps Portal
      web pages that are rendered to the browser. This forces any relative URLs in the page (URLs that do not start with the host name) to always resolve to the same host. This setting affects security only in older web browsers (particularly Internet Explorer) which might be vulnerable to security attacks that take advantage of a now-obsolete method for resolving the absolute paths of CSS includes. Enabling this setting does not have a discernible effect on your system except when using some reverse proxies. In that case, you can disable this setting.
      Default:
      Enabled
      The guidelines do not require that you enable this setting.
    • Do not allow NetOps URLs to be in iFrames
      Specifies whether
      NetOps Portal
      shows only content in browser views that is from the same host as
      NetOps Portal
      and whether you can embed a
      NetOps Portal
      URL in web pages that support being an embedded iFrame on the same host as
      NetOps Portal
      .
      Default:
      Enabled
      The guidelines require that you enable this setting.
  4. Click
    Save
    .
The settings that control the directives that
NetOps Portal
uses when it communicates with web browsers are configured.