Introduction / FirstSpirit start page / Areas of the start page / User

User

Table of contents

In the top right-hand corner of the page the name of the user currently logged in is displayed. A selection box offers some configuration options to the user:

Configuring connection settings

Configuring connection settings

Here the connection settings for starting SiteArchitect and ServerManager are shown for the user who is currently logged in (the values recommended for the user are preset as default settings). The values configured here overwrite the server-wide Web Start settings for this user (see Server properties - Webstart). The settings should only be changed for testing purposes.

Show default applications: This option is given to the server administrator for security purposes, if he/she has blocked himself/herself access due to an unfavourable configuration. If the “Show default applications” option is active, only the standard applications in the previous configuration of their visibility are displayed.
This option does not affect the configuration of the visibility of standard applications in the project properties. For example, the server administrator cannot see an application even when the option is active, if it was excluded from visibility by a group definition.

Use settings: Activate this option to be able to edit the connection settings. The settings are only taken into account if this checkbox is selected. The information “Connection Settings (enabled)” then appears in the selection box on the start page.

Mode: this drop-down menu is used to set the connection mode for the standard communication between FirstSpirit clients and servers set for the user who is currently logged in:

  • HTTP: normal Internet connection (default setting).
  • Socket: direct connection mode.

Available from FirstSpirit Version 5.2R2 Authentication based on Kerberos/SPNEGO or NTLM is supported through HTTP. This means that whenever SiteArchitect or ServerManager is connected to the FirstSpirit Server, transparent authentication based on Kerberos/SPNEGO or NTLM is attempted automatically (proxy or host). This method of authentication is only supported under Windows operating systems and under operating systems which support the Java GSS-API.
To perform automatic authentication on Windows when using a proxy, the desired Kerberos SPN (“Service Principal Name”) must be provided as follows:

-Dfs.http.kerberos.spn=HTTP/proxy.example.com

However, automatic Kerberos authentication against both proxy and host at the same time is not possible on Windows.

Important To securely operate the FirstSpirit Server, we recommend that you run the complete client/server communication exclusively via HTTPS. This applies to both ServerManager and SiteArchitect.
While direct communication from these applications to the FirstSpirit Server is generally supported by the alternative socket mode, it is not deemed to be as secure as HTTPS communication.
(Available from FirstSpirit Version 5.2 All communication with the FirstSpirit Server has to undergo prior authentication, which means that even communication via the socket can be classed as extremely secure.)

For more information on security-related aspects, see Additional security measures. Should you have questions about securely operating FirstSpirit, please do not hesitate to contact our Technical Support.

Use HTTPS protocol: the parameter used to define whether communication will take place in HTTP connection mode using the secure HTTP protocol (for this purpose, an HTTPS port must be configured using the parameter “Port”, see below).

Host: server name or IP address of the FirstSpirit server to which the client is to connect during Web Start.

Port:FirstSpirit Server port number.

Memory: specifies the amount of memory (in MB) that will be made available for the client's virtual machine.

Compression: compression for the communication between FirstSpirit applications and servers set for the user who is currently logged in:

  • None: no compression when transmitting data between clients and servers.
  • Deflate: uses the deflate algorithm with standard compression for transmitting data between client and server.
  • Deflate speed: uses the deflate algorithm with the fastest compression for transmitting data between client and server.
  • Deflate best: uses the deflate algorithm with the best compression for transmitting data between client and server.

Encryption: encryption for the communication between FirstSpirit applications and servers set for the user who is currently logged in:

  • None: no encryption when transmitting data between clients and servers.
  • TLS: uses the TLS protocol for transmitting data between client and server (TLS: Transport Layer Security).
  • DH ARC4: uses the DH ARC4 encryption algorithm for transmitting data between client and server.

Servlet zone: information on the servlet zone (the servlet zone corresponds to mapping of the root application URL (see parameter WEBAPP_ROOT_URL).

Optional parameters: optional parameters for Web Start configuration can be stored in this field. The parameters can be specified sequentially in the following format, separated by a semicolon:

PARAMETER1=VALUE1; PARAMETER2=VALUE2

The optional parameters may correspond to the settings options that can be entered in the dialog's input fields (e.g., refer to Encryption, Compression).

Clicking the Save button saves the changed connection settings for the user who is currently logged in.

Change password

Change password

Clicking on this entry allows the user to change his FirstSpirit Server login password.

Password: the current password must be entered again in this field.

New password: the new password is entered in this field.

Repeat password: the new password is entered again in this field to rule out any accidental spelling errors when changing the password.

Clicking on the Change button applies the new password to the user who is logged in.

Important This entry is available only to users who have logged onto the server manually and not to external users who have been added using an automatic SSO login.

Change user

Changing users

Clicking on this entry allows a different user to log on to the server. The login page appears again and now also includes the automatic login option.

If the server has an SSO-compatible login module, there will now be an option to log onto the server automatically using Windows login credentials. Clicking on the “Automatic Login” button logs the user in using Windows login credentials.

Logout

Clicking on this entry lets the user log out of the system. The login page then reappears.

© 2005 - 2022 Crownpeak Technology GmbH | All rights reserved. | FirstSpirit 2023.1 | Data privacy