Security and Users Settings

This dialog controls the security settings for external applications connecting to the PlanetPress Connect Server, such as PlanetPress Connect Designer, PlanetPress Workflow plugins, or scripts communicating through the REST API.

Caution: It is highly recommended to keep security enabled and change the password on any server accessible from the web.

If these precautions are not taken, data saved in the server may be accessible from the outside!

  • Enable server security: Enable to add authentication to the REST server.
    - When enabled, the username and password (which cannot be blank) of an authorized user must be entered in any remote Connect Designer that links to this Server. See the Connect Servers preferences sub-section of the Designer Preferences dialog.
    - When disabled, a username and password is not required to make REST request, and tasks in PlanetPress Workflow do not require them in the Proxy tab. Nor would a username and password be required on any remote Connect Designer that links to this Server.

  • Session expiration time (mins): Select a session time (in minutes, between one minute and one year) that the authentication stays valid for the requested process. This can reduce the number of requests to the server since an authentication request is not necessary during the session.

  • Authorized Users table: The Table contains a list of all currently Authorized Users.
    All required information is summarized in the table, which has buttons to the right which allow one to Add (), Edit () or Delete () individual entries. Double clicking on any entry in the table also launches the Edit dialog.

    The options available in the Add/Edit dialogs are as follows: 

    • Username: Enter the username for the server security.

    • Roles: Check the roles that apply to the user.

      • Data Handler: The user can start and stop operations, get results of operations, and view and handle data (except resources). This appears as ROLE_DATA in the table.

      • Resource Handler: The user can manage resources like data mapping configurations, templates, and print presets. This appears as ROLE_RESOURCE in the table.

      • Monitoring: Can monitor the server, but cannot see data, change server settings, or modify resources.This appears as ROLE_MONITOR in the table.

    • Password: Enter a password for this user for the server security. There are no specific password requirements or restrictions.

    • Confirm password: Re-enter the password assigned to this user.

Note: Existing client sessions are not affected by changes to authorized users. Clients may only see the effect after their session expires.