Skip Navigation LinksALVAO 10.0ALVAO Service DeskSystem Implementation in an OrganizationInstallationALVAO Server - Manual InstallationWebApp Settings Skip Navigation Links. Skip Navigation Links Skip Navigation Links.


Change ALVAO version
Change language

WebApp Settings

The WebApp (web-based interface for requesters) settings are stored in the Web.config file. This file is in the XML format. You can use e.g. Windows Notepad to edit it. All values must comply with the XML format definition, i.e. you will need to use the "&lt;" entity for the "<" (less than) character and the "&gt;" entity for the ">" character etc.
To avoid unwanted overwriting of settings, the Web.config file is not contained in the installation package. Upon the first installation, you will therefore need to create this file by copying the sample configuration file SampleWeb.config.

appSettings section

In the section <configuration><appSettings>, each configuration variable is stored as the XML tag <add>. The "key" attribute contains the variable name, the "value" attribute contains the value.
The following table contains a list of variables and the description of possible values.

Variable Value
AppName Web application name, e.g. "ALVAO Service Desk". This value will be displayed in the header of each page.
Kb The "0" value means that no Knowledge base will be displayed in the web application. The "1" value will display the Knowledge base.
CustomThemePath Folder path to files for layout editing.

Setting up automatic sign out for inactive users

The user will be signed out automatically after a predefined period of inactivity.

To enable automatic sign out for inactive users (the inactive time is set in minutes between 1–525 600):

UPDATE tProperty SET iPropertyValue = 30 WHERE sProperty = 'WebApp.AutoLogoutMinutes'

To disable automatic sign out for inactive users:

UPDATE tProperty SET iPropertyValue = 0 WHERE sProperty = 'WebApp.AutoLogoutMinutes'

For this to work correctly, it is also necessary to check the settings of the web.config file: the slidingExpiration parameter in the <system.web> <authentication> <forms> section. This parameter must not be filled in or must be true.

Warning:
These settings only work for form-based authentication.

Setting Certain Attachment Types as Forbidden

Use the following SQL script to set certain attachment types as forbidden:
UPDATE tProperty SET sPropertyValue = 'bat, cmd, exe' WHERE sProperty = 'WebApp.AttachmentBlacklist'

After running this script, attachments with the bat, cmd, and exe extensions will be disabled. The list of extensions can be modified as necessary

To restore the default status where no attachments are forbidden, run the following script:
UPDATE tProperty SET sPropertyValue = NULL WHERE sProperty = 'WebApp.AttachmentBlacklist'

Setting the Attachment Maximum Size

The attachment maximum size is defined in the <configuration><system.web><httpRuntime> section in the "maxRequestLength" variable in kilobytes [KB].

In case of using IIS7 and later you need to edit the attachments maximum size also in the <configuration><system.webServer><security><requestFiltering><requestLimits> section in the "maxAllowedContentLength" variable in bytes [B].

Strengthening protection against password-guessing attack

We recommend strengthening protection against password-guessing attack by enabling CAPTCHA.

 

Did not find what you were looking for? Ask our technical support team.