Skip to main content

Admin - Securing your environment

Scott Allen
Updated

In order to secure QUBEdocs it is recommend that you:

  1. Configure the website running QUBEdocs to use HTTPS
  2. Change default passwords and keys
  3. Setup QUBEdocs to use Windows Authentication

This article focuses on setting up QUBEdocs with Windows Authentication.

 

Securing QUBEdocs

Securing access to connections, specific pages or a combination of both can be achieved when QUBEdocs is running in secured mode.

 

Once QUBEdocs is running in secured mode users will need to be added to specific profiles in order to give them access to the information in QUBEdocs.  If segregation between the admin users and all other users browsing the documentation is all that is required, all users can simply be assigned to the default profile.   If more specific requirements such as limiting access by connections is required, additional profiles can be setup and user accounts associated with them.

 

Before setting up QUBEdocs to run in secured mode at least one administrator will need to be associated with the administrator (Admin) profile.  To do this:

1. Select Manage Profiles from the content pane in Administration (i.e. in http://localhost/QUBEdocs/#!/administrator)

2. Select to the administrator profile shown below

         

screely-1714038515522.png

 

3. Select the Profile Users

4. Enter, Validate and then Add the account for at least one user. Note that the users that are assigned here will have access to administer QUBEdocs and add other users. Standard users are typically associated with the default

         

screely-1714038573204.png

 

5. (Optional) You can create custom profiles which limit access to a subset of the Models you've documented in QUBEdocs.

 

screely-1714038745027.png

 

Then move the models you want to permission to this profile using the toggles below.

 

screely-1714038656201.png

 

Next, QUBEdocs needs to be setup to use Windows authentication. To enable this the administrator must first:

Go to http://localhost/QUBEdocs/#!/setup and skip to the page Configure Security. 

Click the switch to turn on security and then click next.

Providing the default profile hasn’t been associated with any accounts, the security setup can be tested by navigating to http://localhost/QUBEdocs/#!/default. If the authentication has been setup correctly a 403 page should be displayed.

 

Filtering out pages and connections

By default, all areas of the documentation are available. The areas (such as tabs or pages) can however be toggled on and off using the buttons on the right hand-side of the contents pane.  In the example below, all areas have been made available apart from the “Processes” tab. 

 

screely-1714038844028.png

 

If the actual documentation is browsed via the QUBEdocs Manager interface, areas that have been filtered out will also be hidden.

When viewing QUBEdocs based on the “default” profile, the areas will be hidden from view.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk