To improve security, as of version 9.1, Definition Center will block redirects that do not go to the server originating the request. The Definition Center will use two new properties in the irise.properties file to determine if the redirect request matches the originating server. The first of these is irise.server.domain.name and will contain the fully qualified domain name of the server. You will be prompted at installation or upgrade to v9.1 to specify the fully qualified domain name in this property.
Since many organizations use server aliases, short names or IP addresses in lieu of the often long complicated fully qualified domain name a second property was added to the irise.properties file to contain these alternate names for the server irise.server.redirect.whitelist. These you add manually to the irise.properties file after installation as a comma separated list. Any request coming from one of the items on the whitelist will pass through. Attempted redirects from an alias, short name or IP address not on the whitelist will result in a 403 error in the browser.
Installing or updating iRise Definition Center to version 9.1
When installing iRise v9.1 for the first time or updating a prior installation to v9.1 you will see a new screen that directs you to enter the server’s fully qualified domaion name (FQDN). The screen looks like this.
You will not be able to proceed with installation unless you enter in the fully qualified domain name. To find your fully qualified domain name do the following:
- Type ipconfig /all at the command prompt and hit enter
- Look at the top of the response for the ‘Host Name’ and ‘Primary dns Suffix’ parameters.
- Combine the servername followed by a period and the Primary Dns Suffix to create your fully qualified domain name
From the screenshot below your fully qualified domain name would be servername.mydomain.com.
Adding entries to the White List
If end users use an alias, short name or IP address to access your Definition Center you must now add those to the White List parameter in the irise.properties file
After installation is complete, open up the c:\iRiseDefCenter\Tomcat\conf\irise.properties file. Locate the parameter ‘irise.server.redirect.whitelist’. After the equals sign add a comma separated list of additional aliases, short names and/or IP addresses that may be used to access the Definition Center. Save the file and restart the Definition Center service for your changes to take effect.