Faspex Web Server Configurations |
Within the IBM Aspera Faspex on Demand Web UI, go to to view and/or modify your server's security settings for Faspex user accounts, self registration, external senders and encryption.
Configuration Option | Description |
---|---|
Session timeout | Sessions will time out after the specified number of minutes of inactivity. |
Lock users | Lock the user account when login attempts fail under the specified circumstance or after a specified number of days of inactivity. |
Remove users | Remove users after a specified number of days of inactivity. |
Prevent concurrent login (checkbox) | If enabled, users can only be logged in from one client at a time. |
Use strong passwords (checkbox) | If enabled, requires newly created passwords to contain at least one
letter, one number and one symbol. Note that existing passwords will remain
valid. Administrators may also change the strong password criteria by
editing the faspex.yml file, which is located in the following
directory:/opt/aspera/faspex/config/faspex.yml Inside faspex.yml, paste the following (where StrongPasswordRegex is the password criteria as a regular expression and StrongPasswordRequirements is the description that appears to the user underneath the field): StrongPasswordRegex: (?=.*[A-Z])(?=.*(\d|\W|_)).{7,} StrongPasswordRequirements: "Password must meet this criteria..." For more information on faspex.yml, refer to Appendix: Configuring Faspex with faspex.yml |
Require new users to change password on first login | If this feature is enabled, new users must enter a new password when they first log in. |
Allow locked out users to unlock themselves | If this feature is enabled, locked out users can select the Forgot my password button to have a password reset email sent to them. Using the link, they can reset their email and log in. |
Keep user directory private (Yes/No) |
When set to Yes, prevents a Faspex user (even if they have permissions to send to all Aspera Faspex users) from being able to see the entire user directory. You can override this setting on a user-by-user basis by editing their permissions. Important: When the privacy setting is turned on (set to
Yes), users who have been assigned the role
of Workgroup Admin can still view the entire list of Aspera
Faspex users via the
Workgroup Members page.
|
Configuration Option | Description |
---|---|
Self registration | Determines if non-users can create or request user accounts. Choose between
none (not allowed),
moderated (an administrator must approve the
account before it is created), and unmoderated (once
a user registers, his or her account will be automatically created). If you
allow self-registration, the moderated setting is
recommended for security. Warning: If self-registration is
enabled, then it could be utilized to find out whether a certain account
exists on the server. That is, if you attempt to self-register a
duplicate account, then you will receive a prompt stating that the user
already exists.
After a user self-registers (either moderated or unmoderated), his or her account will inherit the permissions of the configured template user and will automatically become members of designated workgroup(s). To configure the template user, go to workgroups link. Although self-registered users are not allowed to send packages to other self-registered users, by default, you can modify this setting by marking the Self-registered users can send to one another checkbox. . To set the workgroups that newly created users will join, click theImportant: To prevent a
self-registered account from having the same email address as a full
Faspex user, Administrators can add a
special option to faspex.yml. You will find faspex.yml in
the following directory:
/opt/aspera/faspex/config/faspex.yml Inside faspex.yml, within the "Production:" section, paste the following option and set it to true: EnforceSelfRegisteredUserEmailUniqueness: true |
Terms of service | (Optional) If text is set, then users will be required to accept the statement in order to create an account. |
Notify the following emails to approve | This field appears when moderated is selected, above. Input one or more email addresses to notify for moderation. Note that these email addresses are not validated against existing Faspex administrators and/or managers. |
Self-registered users can send to one another | When checked, self-registered users will be allowed to send packages to other self-registered users. |
Configuration Option | Description |
---|---|
Allow inviting external senders (checkbox) | When enabled, external senders (those who do not have Faspex accounts) can be invited to send a package. An Administrator can enable/disable this feature for specific users from the page, while still retaining the server-wide setting of enabled or disabled. Please refer to Create a New Faspex User for details on this user setting. |
Allow public URL |
A Public URL can be used by external senders to submit packages to both registered Faspex users and dropboxes. The benefit of using a Public URL is in the time-savings, such that external senders no longer need to be individually invited to submit a package (although that functionality still exists). When a Public URL is enabled and posted to a an email, instant message, website, etc., the following workflow occurs:
Thus, when the field Allow public URL is enabled (e.g. set to Allow), the Public URL feature is turned on for all Faspex dropboxes and registered users. If the Allow dropboxes to individually enable/disable their own public URLs checkbox is enabled as well, then individual dropboxes can override the server setting and turn off this feature. Individual Aspera Faspex users, on the other hand, can override the Public URL server setting for their own accounts by going to and disabling the checkbox. Important: An Administrator can enable/disable the Public URL feature for specific
users from the page, while still retaining the server-wide setting of
enabled or disabled. Please refer to Create a New Faspex
User for details on this user setting.
|
Allow sending to external email addresses (checkbox) | Faspex packages can be sent to people who do not have Faspex accounts. When set to Allow, all Aspera Faspex users will be able to send to external email addresses, by default. When set to Deny, you must enable this behavior within each individual user account (by checking the option for Sending to external email in their account settings). Please refer to Creating a New Faspex User for details on this user setting. |
Package link expires (checkbox and text field) | When enabled, the package link will expire after the specified number of days. |
Expire after full package download (checkbox) | If this checkbox is enabled, the package link will expire after one (1) download (which applies when the link is forwarded, as well). After the first download, the file(s) must be re-sent in a new package, via Faspex, for the recipient to be able to download them again. |