Date Posted:
Product: TIBCO Spotfire®
Product: TIBCO Spotfire®
Problem:
How to remove unencrypted Windows credentials from the Keep Alive service configuration file.
Solution:
Depending on the type of authentication you have configured for your Spotfire Web Player, you may be required to enter the WindowsUserName and WindowsUserPassword of your Windows account in the Spotfire.Dxp.Web.KeepAlive.exe.config. This is stored in plaintext and there is no way to encrypt this configuration file.
The plain text storage of the Windows credentials can be avoided by having the Keep Alive service run as a specific Windows Account instead of setting Windows username/password in configuration file. To configure, do the following.
- Run > Services.msc > Right click on "TIBCO Spotfire Web Player Keep Alive" service > Properties > Open the "Log on" tab > Select "This account".
- Enter the username and password of an account that has the user rights to access IIS in order for the ping to reach the Spotfire Web Player. It must be a valid Windows account that can access the web application.
- Remove the WindowsUserName and WindowsPassword values from the Spotfire.Dxp.Web.KeepAlive.exe.config file. For example:
From:<setting name="WindowsUserName" serializeAs="String"> <value>WindowsUserName</value> </setting> <setting name="WindowsPassword" serializeAs="String"> <value>WindowsPassword</value> </setting>
To:<setting name="WindowsUserName" serializeAs="String"> <value/> </setting> <setting name="WindowsPassword" serializeAs="String"> <value/> </setting>
Comments
0 comments
Article is closed for comments.