Security

Learn about security configurations settings.

Certificate

This entry currently has no function.

Login Filter

You can add an additional stage to the login procedure for Aurea CRM win if authentication by another system is required. To do so, you can configure a so-called login filter. After successfully logging in (either via single sign-on or explicitly logging in), the login filter is called.

A login filter requires a specific interface in order to be called from Aurea CRM. Login filters can be called exclusively from the Aurea CRM win main module, but not from the administrative modules. A detailed description can be found in the technical white paper "login filter" available from https://support.aurea.com.

Password Blacklist

The PW may not be in blacklist option in the Station Configuration info area determines whether passwords can be blacklisted. The blacklist is defined here.

Enter the words (separated by a semi-colon) in the value field, or select Add/edit value from the context menu to load a text file containing the blacklist.

The blacklist is not case-sensitive.

The comparison is always performed for the entire string, not for a part of the string.

Leading and trailing blanks are stripped before comparison, e.g. if the blacklist contains the word "God", the user is not allowed to change his password to " God", "God ", "God" or " God ".

Single Letter

You can define security settings used to digitally sign and/or encrypt single letters. Aurea CRM users cannot read encrypted documents - they require the certificate's private key to be decrypted.

Prerequisites:

  • Encrypting single letters requires a digital certificate (available from an official source like Verisign). For testing purposes, you can create a certificate using MS .NET Framework SDK (makecert.exe).

    For Aurea CRM web, the certificate must be installed in the "Machine Certificate Store" on the web server. The server runs as a service (without user context).

  • To digitally sign a document, add one or more signature lines to the document template. For more information, refer to your Microsoft Word documentation. For details, see the <property> tag description under >> XML Code for Signing/Encryption Settings.

    media/image235.png

The Single Letter entry can only be defined globally. If you do not define any single letter security settings, the Encrypt/Sign check box in the Connection with Word Processor dialog box is unavailable to users.

You can define several option, each with a different ID. When defining single letter formats, these names are displayed in the Security Settings drop-down list in the Connection with Word Processor dialog box, >> Defining Transfer Formats in the Aurea CRM win User Manual.

Enter the XML code defining the security settings in the Value field, >> XML Code for Signing/Encryption Settings.

You can use CRM.cryptographic tool to decrypt multiple documents at once, >> CRM.cryptographic tool.