Security Features

SEARCH'97 Information Server includes password protection for administration, and support for automatically authenticating on secure paths.

Administrator Security

Access for administering Information Server is secured by password. During installation, you are prompted for a username and password for the administrator account. Administration security is enabled by default and cannot be disabled.

To administer Information Server, you enter the appropriate URL for the protocol you are using:

Protocol
Sample URL with security filter
NSAPI
http://www.webserver.com:8989/search97secure/s97a.vta
ISAPI
http://www.webserver.com:8989/search97secure/s97a.dll
CGI
http://www.webserver.com:8989/search97securecgiadm/s97a_cgi?

You wil be presented with a standard username and password dialog box.

A command line utility, changepw, is available if you need to change the username or password at any time. Type changepw by itself and press Return to view the utility's parameters:



%changepw

usage: changepw pwfile user command [password]

           where command is one of : get, set, delete
To change the administrator password, do the following:

1. Open a command prompt window.

2. Change to the directory which contains changepw.

For Solaris: installdir/_solaris/admin

For Windows NT: installdir/_nti31/admin

3. Execute the utility changepw, as follows:

%changepw ../../user_db/verity.pwf admin set <newpassword>

where ../../user_db/verity.pwf is the path and filename of the password file, and newpassord is the new password which will go into effect for the next browser session you start.

Authenticating Secure Paths

 Some sites secure documents by requiring authentication on the directory in which they are stored. This is typically accomplished using the administration functions of the Web server. In order to retrieve documents for indexing from such secured directories, the command line indexer, vspider, can use the -auth switch to reference an authentication file.

To allow users to view, with highlights, such indexed files, you must add a line in inetsrch.ini to reference the same authentication file used by vspider.

Under [Collection] in inetsrch.ini, add the following line:



[Collection]

Authfile=path
where path is the location of the authentication file used by vspider to index the secured documents.

NOTE: Compromised Security

Be aware that storing the username and password for a secured path allows users to see all documents within the authenticated path. Storing the username and password does, however, provide automation and allows users to view highlights within the retrieved documents. You will need to balance the need for such automation and functionality against the possible compromise in security created by allowing access to all documents within a secured directory.



Copyright © 1998, Verity, Inc. All rights reserved.