Limiting a eB Web Application for public Use.

We are wanting to create a web application that is safe to deploy in the DMZ.  The main use will be so that predifined quicklinks will be able to access a set document class.  We have done the following to make the web application more secure in the DMZ.

  1. We have set the web config to AutoLogin in with a defined user that only has access to view the set document class.
  2. We have removed all of the eb.PlugIn references except the following
  3.         <add class="eB.PlugIn.DocumentManager.PlugIn" assembly="eB.PlugIn.DocumentManager" />
            <add class="eB.PlugIn.CoreObjects.PlugIn" assembly="eB.PlugIn.CoreObjects" />
            <add class="eB.PlugIn.Core.PlugIn" assembly="eB.PlugIn.Core" />
            <add class="eB.PlugIn.QuickLink.PlugIn" assembly="eB.PlugIn.QuickLink" />
  4. We have deleted the Login.aspx page
  5. We have deleted delete.aspx from …\PlugIns\DocumentManager\Shared

What else can we do to the web application to make it more secure?

I also had the following questions about the quicklink output.

  1. Is it possible to keep the Actions Frame from even displaying when using a quicklink or a web application?
  2. If 1 is not possible it possible to remove the action items in Red from displaying in the Actions Frame of a web application.
  3. If 2 is not possible is it possible to limit the functionality highlighted in red from being possible through permissions and security.  The one that I am having difficulty limiting is "Add Note".

Thanks for your help in advance.


Parents Reply Children
No Data