All Collections
Install and Configure
Configuration
New Security Feature v9.1 Definition Center
New Security Feature v9.1 Definition Center
This article describes the new security feature in v9.1 Definition Center.
Jamie Gutierrez avatar
Written by Jamie Gutierrez
Updated over a week ago

To improve security, as of version 9.1, Definition Center will block redirects that do not go to the server originating the request. The Definition Center will use two new properties in the irise.properties file to determine if the redirect request matches the originating server. The first of these is irise.server.domain.name and will contain the fully qualified domain name of the server. You will be prompted at installation or upgrade to v9.1 to specify the fully qualified domain name in this property.
 

Since many organizations use server aliases, short names or IP addresses in lieu of the often long complicated fully qualified domain name a second property was added to the irise.properties file to contain these alternate names for the server irise.server.redirect.whitelist. These you add manually to the irise.properties file after installation as a comma separated list. Any request coming from one of the items on the whitelist will pass through. Attempted redirects from an alias, short name or IP address not on the whitelist will result in a 403 error in the browser.

Installing or updating iRise Definition Center to version 9.1

When installing iRise v9.1 for the first time or updating a prior installation to v9.1 you will see a new screen that directs you to enter the server’s fully qualified domaion name (FQDN). The screen looks like this.

You will not be able to proceed with installation unless you enter in the fully qualified domain name. To find your fully qualified domain name do the following:

  1. Type ipconfig /all at the command prompt and hit enter

  2. Look at the top of the response for the ‘Host Name’ and ‘Primary dns Suffix’ parameters.

  3. Combine the servername followed by a period and the Primary Dns Suffix to create your fully qualified domain name


 From the screenshot below your fully qualified domain name would be servername.mydomain.com.

Adding entries to the White List

If end users use an alias, short name or IP address to access your Definition Center you must now add those to the White List parameter in the irise.properties file
 ​

After installation is complete, open up the c:\iRiseDefCenter\Tomcat\conf\irise.properties file. Locate the parameter ‘irise.server.redirect.whitelist’. After the equals sign add a comma separated list of additional aliases, short names and/or IP addresses that may be used to access the Definition Center. Save the file and restart the Definition Center service for your changes to take effect.

Did this answer your question?