Portal properties
The portal properties are the central location in Intrexx where a good deal of information and many settings for your portal are displayed. At the same time, you have the option of changing settings that were made when the portal was created (retrospectively) and of making settings that are only required after a portal has been created.
In the portal properties, you can also perform actions such as porting (migrating) databases or adding certificates.
General
The portal name and the portal directory are displayed here.
Portal name
The portal name that you assigned when creating a portal is displayed here (General settings).
If you change the portal name, this only causes changes in the display within the Portal Manager. For example, the (changed) portal name is displayed in the title bar of the Portal Manager and the "Options" dialog.
Changing the portal name does not cause changes in the portal directory or the files stored there, nor does it cause changes in the database.
The portal name does not correspond to the URL used to open the portal in the browser. You define the URL in the front-end web server. (For more information, see Add website in IIS.)
Portal directory
The portal directory that you selected when creating a portal is displayed here (General settings).
Front-end web server (reverse proxy / load balancer)
The settings you made when setting up the front-end web server are displayed here. The settings differ depending on which front-end web server you use.
See the section Front-end web server.
If you want to make a change in connection with the front-end web server, you can do so in this dialog.
IIS
IIS website
Select the website that you added to IIS for your portal earlier. Do not use the "Default Web Site" from IIS.
Embedded Tomcat Port
The port that you used in the previous version of Intrexx will be shown here. You can leave this port as it is.
Please note: The port 1337 is predefined for a new installation.
Base URL of the portal
The base URL needs to be entered here.
By default, the displayed base URL is derived from the website binding information in the Internet Information Service (IIS). These are the "Type" and "Hostname" specifications. (Please refer to the section Add website in IIS.)
Please make sure that this ends with a slash (/). It is essential that this is correct so that your portal can be accessed in the browser.
NGINX
NGINX virtual host
"NGINX virtual host" refers to the embedded Tomcat. NGINX connects to the Intrexx portal service via the virtual host. Typically, "localhost" should be entered here. (One exception to this is when NGINX is installed on a different server to Intrexx. In this case, the Intrexx server should be specified here.)
NGINX configuration file
You can generate the NGINX configuration file with Intrexx.
Enter the path to the directory that the NGINX configuration file should be generated in.
Example: /myfolder/portal.example.com.conf
Afterwards, copy and link the NGINX configuration file to the desired folder within "/etc/nginx".
Example: /etc/nginx/sites-available/ portal.example.com.conf
Embedded Tomcat Port
The port for the Embedded Tomcat is displayed here. (For a new installation, this is port 1337.)
Base URL of the portal
The base URL needs to be entered here. The first part refers to the protocol. Please note that here https is indicated. The second part is made up of the hostname that you defined in the NGINX configuration file. Please make sure that this ends with a slash (/). It is essential that this is correct so that your portal can be accessed in the browser.
No front-end web server
Embedded Tomcat Port
The port for the Embedded Tomcat is displayed here. (For a new installation, this is port 1337.)
Encryption (HTTPS)
Activate this checkbox if you would like to encrypt communications between the embedded Tomcat and the browser.
Self-signed certificate for "localhost"
Select this option if communications between the embedded Tomcat and the browser should be encrypted using a self-signed certificate (for test and development portals).
In this case, Intrexx automatically generates a self-signed certificate and uses it for the encrypted connection.
Certificate file
Click on the icon to search for the certificate.
Certificate type
Select the type of certificate store (keystore) that the certificate is saved in.
Keystore password
Enter the password for the keystore that the certificate is saved in.
Certificate key password
Enter the password for the certificate (certificate file).
Please note: The password for the keystore and certificate store are often identical.
Base URL of the portal
The base URL needs to be entered here. The first part refers to the protocol. Please note that here https is indicated. The second part consists of the host name. Please make sure that this ends with a slash (/). It is essential that this is correct so that your portal can be accessed in the browser.
You can generate a CSR (Certificate Signing Request) in this dialog. Detailed information on this can be found in the section Generate CSR (Certificate Signing Request) without a front-end web server.
Manual setup
Base URL of the portal
The base URL needs to be entered here. The first part refers to the protocol. You have configured an encrypted connection between the Intrexx portal server and the browser. The second part consists of the host name. Please make sure that this ends with a slash (/). It is essential that this is correct so that your portal can be accessed in the browser.
Ports
The settings for the ports used are displayed here.
REST
Communication between the Portal Manager and the corresponding portal on the Portal Server takes place via the REST port. The REST port must be specified with every login to the portal. Refer also to the section Connecting to your portal.
The values that Intrexx automatically assigned when the portal was created are displayed here. These values can be changed if necessary, for example if security aspects require this. A change requires a restart of the portal service.
Link address
By default, the value 0.0.0.0 is stored here in order to be ready to receive on all available addresses.
Port
When creating a portal, Intrexx determines a suitable port automatically. This port is displayed in this field.
Web service
In Intrexx, you have the option of offering web services in the "Integration" module.
You can make the settings required for the web service either in the "Integration" module or centrally in the portal properties. The settings stored in the portal properties are transferred to the settings in the "Integration" module.
The following screenshot shows the dialog with the settings in the "Integration" module.
The settings that you can enter centrally in the portal properties are described below.
Link address
The bind address (IP or server name) can be entered here.
Port
You can enter the port here.
Host
You can enter the web service host here.
Active
If you activate this checkbox, the web service is active.
More information
Proxies
You can create and manage proxies here. The proxies set up here are used for communication between Intrexx and external websites and Internet services.
First column (checkbox)
Clicking in the first column will activate or deactivate a proxy. The setting is always to be understood from the perspective of the Intrexx Portal Server.
"Proxy type" column
Select the proxy type here. Selecting the entry "<none>" in the proxy type drop-down list means, that for the entered URL pattern no proxy will be used.
"Server/Port" column
In the third column, enter the server name or the IP address. The port must only be changed if port 8080 is already in use.
"Rule" column
A list of rules can be entered here with a comma-separated list which are then routed through the proxy. At least one of the rules must apply. With the wildcard *, everything will be routed through the proxy.
Example 1
https://server\\.tec\\.example\\.com:4444/services*
This rule accepts exactly those URLs that start like this:
https://server.tec.example.com:4444/services
Example 2
https://server.tec.example.com:4444/services*
This rule accepts exactly those URLs that start like this:
https://server.tec.example.com:4444/services
Example 3
https://*/services/*_"
This rule accepts URLs that start like this:
https://
And include the following:
/services/
Make sure you define the rules in such a way that they only apply in the cases for which they are intended. Otherwise, this could lead to unexpected behavior - e.g. using the rule "http://*" means that URLs from the local computer (e.g. https://localhost:8983) are also affected - which is usually not intended.
"Auth." column
A key symbol is displayed in this column if you have set up proxy authentication. (Refer also to Authentication.)
Add proxy
This symbol can be used to add another proxy. One row is inserted at a time. Click in the respective fields to edit them.
Delete proxy
You can delete a proxy using this icon.
It may be necessary to store authentication data in the proxy.
To do this, click on the icon.
The "Proxy authentication" dialog box is displayed.
Activate the "Use proxy authentication" checkbox and enter the user name and password.
More information
Start parameters
You can define start parameters here. These include the memory requirements for the working memory and the duration of a "portal session" before an automatic logout occurs.
Memory allocation while starting
Here it is possible to define start parameters, which will optimize the performance of the portal. With the sliding bars, you can set the amount of memory space the portal will be assigned while starting The initial value is 64 MB. This is enough for almost all cases. If you want to increase the value, we recommend a value of 256 MB. The value should be increased to 512 MB at the most.
Maximum memory allocation
Here, define the maximum amount of memory that can be assigned to the portal. The maximum memory value depends directly on the size of the portal. Because of this, we cannot give a real recommendation here. Experience shows that a live system should be operated with at least 2048 MB RAM. Portals that are well used and have about 100 active users require 4096 MB according to experience. If your portal requires an allocation of more than 8 GB of RAM, we recommend that you consult with technical support.
Session timeout
Enter the number of seconds, after which an inactive session will be ended automatically.
The session timeout must not be greater than 2073600 sec. (24 days).
Session timeout of anonymous user
Enter the number of seconds, after which an inactive session of an anonymous user will be ended automatically.
The session timeout must not be greater than 2073600 sec. (24 days).
Session Notifier (automatic Logout)
The layout of the message that is displayed at the bottom right of the portal for automatic logout after a session timeout can be changed in the "Design" module.
The corresponding styles can be found in the "Layout / Control elements / Advanced properties / Messages" section.
Security
You can make security settings here. This involves settings for the following points:
-
Session cookies
-
CORS settings for API login endpoints
-
Upload and download images to and from the "userfiles" directory
-
User-defined portlets
Session cookies
Intrexx version 12.0.0
Intrexx version 12.0.1
Use secure flag for session cookies
With this setting the session cookie is set the secure flag. This prevents the browser from sending the session cookie in HTTP requests which prevents reading when accessing unencrypted resources. The session cookie is consequently sent only on HTTPS requests to the same domain. There are three options available:
-
Always
-
Scheme dependent (only with https:// in base URL)
-
Never
SameSite attribute for session cookies
Here are three options available:
-
Lax
-
Strict
-
None
The none option should only be used when the connection is encrypted from the browser's viewpoint.
More information about this topic can be found at https://developer.mozilla.org under the following link Set Cookie.
CORS settings for API login endpoints
You can make CORS settings for the Login API endpoints that are included in delivery by default as well as for the API endpoints that you create. You can use the CORS settings to control from which websites or portals the API endpoints can be called (in the browser).
For more information on API login endpoints, see the section CORS - Cross Origin Resource Sharing.
Intrexx version 12.0.1
Upload / Download
Here you can make settings for the "userfiles" directory.
The "userfiles" directory can be found at the following location <portal directory> \external\htmlroot\userfiles
Image files are stored in the "userfiles" directory, which portal users upload via the "Insert/edit image" button in the "TinyMCE Advanced" editor(TinyMCE Advanced ), among other things (?).
You can use the settings on this page to specify whether images may be uploaded and downloaded by portal users.
Upload to and download from /userfiles/ is activated
If you activate this option, files can be uploaded in the "TinyMCE-Advanced" editor.
At the same time, the files are available in the portal or are displayed there.
Please note that the "Enable file upload" checkbox must be activated in the configuration of the "TinyMCE-Advanced" editor in order to upload files.
This option is activated by default when updating existing portals to version Intrexx 12.0.1 (and higher).
Upload to /userfiles/ is deactivated, but download is activated.
If you activate this option, no files can be uploaded in the "TinyMCE-Advanced" editor. However, files that were uploaded at an earlier time are still available in the portal or are displayed there.
This option is relevant in connection with changing the settings. For example, if you had temporarily activated the option "Upload to and download from /userfiles/ is activated" (see above), uploading files was permitted. If you want the files already uploaded during this time to remain available for download, you can select this option ("Upload to and download from /userfiles/ is activated").
You can also use this option if you want to enable files to be uploaded to the "userfiles" directory, but these are not required in the portal, but are processed in other contexts.
Upload to and download from /userfiles/ is deactivated.
If you activate this option, files cannot be uploaded in the "TinyMCE-Advanced" editor, nor are they available in the portal.
This option is activated by default when creating new portals.
This option overrides the "Enable file upload" setting in the "TinyMCE-Advanced" editor.
More information
Intrexx version 12.0.2
Portlets
Here you can set how the content of user-defined portlets should be rendered.
Display HTML (with protection against cross-site scripting)
With this option, only the HTML code is rendered. JavaScript code is removed before rendering.
This option is the default setting.
Show HTML
With this option, the HTML code is rendered and JavaScript code is executed.
Show text only
With this option, the HTML code is not rendered. The HTML code is only displayed as text.
Overview of default settings
Below you will find an overview of the Intrexx default settings for the "Security" menu item:
Session cookies scheme "Dependent (only for https:// in base URL)"
SameSite Attribte "LAX"
Upload/Download "Upload and download of /userfiles/ is disabled"
For portlets "Show HTML (with protection against cross-site scripting)"
Behavior during portal import and update
If you have exported portals from Intrexx 12.01 and lower and import them into Intrexx 12.0.2 and higher, the setting for portlets will be set to "Show HTML (with protection against cross-site scripting)".
When updating to Intrexx 12.0.2, the settings will not be changed.
Options
Here you will find a range of different setting options for your portal. The settings range from user tracking to activating Groovy Remote Debugging.
User tracking
With this setting, the GUID of the user is also written to the log file in the portal directory internal/statistics when application pages are accessed.
Please note the relevant data protection regulations.
Yellow fade
In some contexts, the (dynamic) loading of data can take some time. If you activate this checkbox, changes are highlighted in yellow for a short time during this period.
Display info after saving/deleting a data record
If you activate this checkbox, portal users will see a message informing them that they have saved or deleted a data record.
Displaying the information message is required for accessible portals. However, it is also generally helpful if you want to show portal users a visual confirmation after saving or deleting data sets.
Enable login process event
This setting has the effect of sending the login of a user in the form of a server event, which can be evaluated in the "Processes" module with a Groovy Script event handler.
At most one selected tenant
With this option, a user can only select one tenant and therefore can therefore only see the data of this selected tenant.
Show detailed error information
If errors occur on the server, this will be shown in the web. If this setting has been activated, additional error details will be provided.
Always create history entry when publishing applications, workflows or layouts
If you activate this checkbox, you must always enter a comment about the history when publishing (saving) applications, processes and designs.
The checkbox with which you can prevent the entry of a comment is then not displayed.
Further settings for entering comments can be found in the main menu "Extras/Options" item. There you can make the settings for publishing applications, processes and layouts with or without a history for each module.
The option "Always create entry in history when publishing applications, workflows or layouts" described here in the portal properties overrides the setting that you can define for each module.
Further information on versioning can be found in the section Versioning.
Activate Groovy Remote Debugging
Detailed information on this can be found in the section Groovy Remote Debugging.
Database
The database settings that you made when creating a portal are displayed here.
Detailed information on this can be found in the section Database server.
At the same time, you have the option of porting databases.
Here you will be notified of the type of database, the database version, the current driver, the driver version, the database name, and the username used to access the database.
Database porting - Database migration
Regional settings
Here you have the option of adapting the regional settings of your portal. These include formats, time zones, languages and global texts. You can set up multilingual portals here. Detailed information on this can be found in the section Multilingual portals.
Format
Different formats for displaying date and number values are used across the world. To provide portal users with the option to use formats that correspond with their region, so-called formats can be defined.
Detailed information on this can be found in the section Format.
Time zone
A time zone can be assigned to the portal here. Usually, this is the time zone of the server or the company headquarters. If portal users work in different time zones, these time zones can be assigned to a user in the user properties in the Users module. The time zone specified in the portal properties will be used if a custom time zone is not defined for a user.
Detailed information on this can be found in the section Time zone.
Languages
Any number of languages can be activated for your portal.
Detailed information on this can be found in the section Languages.
Global texts
In the global texts area, the default texts that appear in the portal can be modified in each of the portal languages.
Detailed information on this can be found in the section Global texts.
Certificates
You can configure the certificate store of the portal server here. If certificates are required, e.g. for accessing web services, LDAP servers, RSS feeds or OData services, then they are retrieved from this store.
Detailed information on certificates can be found in the section Certificates and encrypted connections in Intrexx.
Import certificate into certificate store
Step-by-step guide
To import a certificate to your portal certificate store, please proceed as follows:
-
Open the portal properties ("Portal" menu > "Portal properties").
The "Edit portal" dialog will open.
-
Click on "Certificates".
You will now be on the "Certificates" page.
If you have not yet access the certificate store, you will see a lock symbol and a link. -
Click here to access the certificate store.
The "Certificate store password" dialog will open.
Enter the password "changeit" if you have not defined a password for the certificate store. (You can change the password for the certificate store in the next dialog.)
Enter your password if you have defined a password for the certificate store.
-
Click on "OK".
You will now see a list of all certificates included with Intrexx.
-
Make the necessary entries.
-
Click on "Next".
Details of the certificate selected in the previous step are shown in the next dialog. -
Click on "Next".
-
Provide the certificate with an alias name in the next dialog.
The alias name helps you identify the certificate in the certificate store. -
Click on "Finish".
You will now be returned to the certificate store. The certificate imported by you is shown here.
You have imported a certificate into your portal certificate store.
Click on "+".
The "Certificate import" dialog will open.
To finalize the import of a new certificate or to prevent a deleted certificate from being used, you need to restart the portal server.
Edit password
The password for the certificate store can be changed by clicking on the key symbol at the bottom right of the dialog.
Reset certificate store
If you no longer know the password for the certificate store (Portal > Portal Properties > Certificates), you must reset the certificate store. (It is not possible to reset the password).
To reset the certificate store, replace your portal's certificate store at the file level with the certificate store that was delivered with Intrexx.
You can find your portal's certificate store here:
<intrexx-installation-directory><org><portalname>/internal/cfg/cacerts
You can find the certificate store that was delivered with Intrexx here:
<intrexx-installation-directory>/orgtempl/blank/internal/cfg/cacerts
Please note that any certificates you have added will be lost when the certificate store is reset.
Documents
Here you can define settings for creating documents.
Detailed information on this can be found in the section Generate documents.
Templates
Detailed information on this can be found in the section Templates.
Document generation
More detailed information is available in the section
JMX
This page is only displayed if the expert options (Options - Portals) are activated for the portal.
Here you can activate JMX (Java Management Extensions).
The settings set the following properties in the portal.wcf file:
-
com.sun.management.jmxremote.port=<port number>
-
com.sun.management.jmxremote.authenticate=[true/false]
-
com.sun.management.jmxremote.ssl=[true/false]
<intrexx-installationsverzeichnis>\org\<portalname>\internal\cfg\.
If necessary, you can make changes to the file manually.
More information
Processes
Here you can define a default user for Global timer in processes.
Default user for event sources in processes
Here you can define a default user for event sources in processes. This will be used by Intrexx as the "Executing user" of the process if you have not defined another user in the event source.
Background processes must always run in the context of a user in Intrexx, so that Intrexx can, for example, perform permissions checks or so that users can be written to a data record for data group actions that can follow event sources.
The following screenshot shows a timer as an event source in which the user stored in the portal properties has been selected as the "Executing user".
More information