Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Chinese

Pagetitle
安全最佳实践
安全最佳实践

Table of Contents

Image Modified

SSL

English
Enabling SSL would ensure that communication between the end user's browser to be server is secure. Please see Setting Up SSL on Tomcat to learn more.
Chinese

启用SSL将确保最终用户的浏览器与服务器之间的通信是安全的。请参阅  在Tomcat  上设置SSL以了解更多信息。

...

Info
titleShowing the App in App Center only after user is logged on

The most common practice is to list down apps in the App Center only if the user is logged in. To do so, head to the Userview Properties of your app, and locate Permission Type and set it to Logged In User.

Chinese

最常见的做法是仅在用户登录时在App Center中列出应用程序。为此,请到 您的应用程序的“用户视图属性 ”,然后找到“ 权限类型” 并将其设置为“ 登录用户”

Thai

แนวทางปฏิบัติที่พบบ่อยที่สุดคือการแสดงรายการแอพใน App Center เฉพาะเมื่อผู้ใช้ลงชื่อเข้าใช้ โดยให้ไปที่ Userview Properties ของแอปของคุณจากนั้นค้นหาประเภทการอนุญาตแล้วตั้งเป็น Logged In User


As a best practice, the userview should be secure by default. You can set the userview permission as a whole to "Logged In User" before further hardening at each and every userview category, including the hidden ones. An unprotected userview allows anonymous users and even robots (i.e googlebots to cache the page) access the userview when the app is set to published.

"Hide From Menu" under Userview Category does not mean it is not accessible. It is simply not visible to users.

Read more at Permission Control.

...

Chinese

\ apache-tomcat-8.5.14 \ webapps \ jw \ WEB-INF \ classes中 找到 customApplicationContext.xml 文件  ,  并在第6-9行添加,如下所示。    

Thai

ค้นหาไฟล์ customApplicationContext.xml in \apache-tomcat-8.5.14\webapps\jw\WEB-INF\classes และเพิ่มในบรรทัด 6-9 ดังที่แสดงด้านล่าง

Code Block
languagejs
linenumberstrue
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
 
    <bean id="dataEncryption" class="org.joget.apps.workflow.security.SecureDataEncryptionImpl">
        <property name="salt" value="NEW-VALUE-GOES-HERE"/>
        <property name="key" value="NEW-VALUE-GOES-HERE"/>
    </bean>    
	
</beans>

...