Introduction / FirstSpirit Server configuration / Configuration files (FirstSpirit Server) / FirstSpirit Server (fs-server.conf) / Application passwords

Area: Application passwords

#######################
# Application passwords
#######################
# Empty means: enable/disable default password via ServerManager GUI
# enableDefaultAppPassword=true
enableDefaultAppPassword=
 
# Comma separated list of hosts or addresses, which are always allowed to use
# application passwords. Application passwords without IP limitations are not
# affected by this list. If a IP limitation is present for a password, the
# list of allowed hosts or addresses is automatically extended by this list.
appPasswordIpWhitelist=localhost,localhost.localdomain

All connections to the FirstSpirit server must undergo authentication (security concept see Authentication of all internal connections to the FirstSpirit server). This means that all web applications (and cluster nodes), that communicate with the FirstSpirit Server, must be authenticated first using a WebApp password. Access to incorrectly configured web applications can be restored using the parameters enableDefaultAppPassword and appPasswordIpWhitelist (see Fixing a faulty configuration).

© 2005 - 2024 Crownpeak Technology GmbH | All rights reserved. | FirstSpirit 2024.11 | Data privacy