HTTP/HTTPS File Server - Advanced
The Advanced Settings screen for the HTTP File Server contains additional options that you do not normally need to modify.
SSO Mode
The option to Allow pre-authentication (SSO) enables MAPS to receive requests that have been authenticated through a separate authentication server. Users connect to the authentication server, which logs the user in to some other system that can then send requests to MAPS as though that user were logged in to MAPS. The authentication server should be behind the same firewall as MAPS.
The Special Header field defines the attribute name in the request header which contains the username. When SSO mode is enabled, MAPS will examine each request header it receives for this attribute. If a username is present in the specified Special Header field, MAPS will respond to the request as though it came from the already-logged-in user listed in the header.
Some commonly-used attribute names include EPPN, REMOTE_USER, and USER. You may also type directly in this box to specify a different attribute name, depending on how your authentication server is configured.
When a user connects, they will log in with a username of the format user@host. Note that there must be a MAPS user with this exact name (including the @host) in order to log the user in. As with any MAPS user, this user must be correctly configured in MAPS and given appropriate permissions.
Content Delivery Network (CDN)
In MAPS version 4.4 and higher, the web files for the eLauncher and Argos Web Viewer are loaded on demand from Evisions’ servers. This allows us to deploy updates to the product launch page and Argos Web Viewer without requiring you to update the MAPS service or the Argos mapplet. Evisions uses a Content Delivery Network (CDN) to host the pages. The Content Delivery Network (CDN) URL field contains the location where MAPS looks for the CDN. The default URL points to the hosted content on Evisions’ servers, located at https://evicdn.evisions.com. Altering this URL will cause MAPS to look in a different location for the eLauncher and Web Viewer files and should only be done when working with an Evisions tech on a support issue.
Note: In order to retrieve content from the CDN, end users must be able to access the CDN URL over the internet. Users who are blocking JavaScript for some websites must allow an exception for the CDN URL. If a user can access the URL but does not have JavaScript enabled, they will see a blank screen since the redirect to the local version requires JavaScript to be enabled in the browser.
If you do not wish to use the hosted files, you can continue to use the local versions included in the MAPS service and Argos mapplet by blanking out the CDN URL field. In this case, you will need to wait for new releases of MAPS and Argos before you can get the latest updates to the eLauncher or Web Viewer.
When the CDN is enabled, if a user cannot access the CDN resources for some reason, MAPS serves up the local versions of the launch page and Web Viewer. This ensures seamless access in the event of a network outage or other issue that interferes with accessing the hosted content. You can check the version number at the bottom of the eLauncher or in the Help -> About in the Web Viewer to see which version of the software you are currently running, in case the local and hosted versions are different.
Note: Internet Explorer users with their browser security set to "High" may need to add the URLs of the CDN and MAPS server to their list of trusted sites in order for the redirection to work correctly in the event of an internet outage.
Web Server Timeout
The web server timeout controls how long users will stay logged in to the eLauncher and the Argos Web Viewer if they are not performing any actions. By default, the timeout is 15 minutes.
OpenSSL Version
Here you can specify the version of OpenSSL that will be used by the MAPS server. The default is version 1.1.1.
Note: When you change the OpenSSL version, SSL version, or ciphers on the config tool (TLS version or cipher), the web server will perform a restart.
Minimum and Maximum SSL Version
If your organization is required to support older browser versions, you may need to omit obsolete SSL protocols. You can specify a minimum and maximum SSL / TLS version depending on the Open SSL version you have selected. For Open SSL 1.1.1, the minimum default SSL version is TLS 1, and the maximum default SSL version is 1.3. List of SSL/TLS support by browser
OpenSSL cipher list (TLS 1.2 and below)
The cipher list gives you complete control over the exact SSL ciphers that MAPS is allowed to use, or TLS versions 1.2 and below. The cipher list contains one or more cipher strings in the format described in the OpenSSL 1.0.1 documentation.
OpenSSL cipher suites (TLS 1.3)
TLS 1.3 allows you to specify the exact cipher suites that MAPS is allowed to use, prioritized from left to right. The cipher suites contain one or more ciphers in the format described in the OpenSSL 1.1.1 Documentation.
Note: You should ensure there are no typos in the cipher list. Entering an empty or invalid cipher list will result in MAPS behaving as though you had entered the default cipher list.