Advanced Management
Many of the settings in the advanced section are not intended to be changed, but here’s a line by line breakdown in case you ever wondered.
HTML
HTML is an abbreviation of Hypertext Markup Language. Settings here relate either to the presentation layers, or the no-js pure HTML server output. No-js pure HTML is provided by the server when the end user has disabled JavaScript or is unable to use it. The pure HTML output circumvents the presentation layer.
- Translate label div-tag to h3 tag
- This option makes the server use
<h3>tags instead of<div>tags in the no-js pure HTML output. This is intended for a more web-accessible no-js experience. - Show date of creation in menu
- When checked, this option will tell the presentation layer to show the date of creation per case. Whether the presentation layer actually does or not is dependent on the configuration. In many layers, this option will be ignored.
- Show “Copy Case” in menu
- When checked, this option will tell the presentation layer to allow copying of cases. As with the previous option, whether the presentation layer actually does or not is dependent on the configuration. In many layers, this option will be ignored.
- User external jumplist (if it exists)
- This option pertains to the no-js pure HTML output, and it irrelevant in most cases.
- Show jumps to level
- Tells the server that it should limit jump list items to the specified indentation.
- Show “Delete” in menu
- Tells the presentation layer that it should allow deleting of cases in the case overview of each model. The presentation can (and usually does) ignore this option.
- Show “Report” in menu
- When this option is checked, the presentation layer is able to give a link directly to the report (generated document) of a case from within the case overview. The presentation layer cannot override this.
- Allow case overview
- If this option is unchecked, the presentation layer will not be able to show cases (sessions) for models, even if it’s configured to do so.
- Color for required fields
- Applies the given color to required fields only on the no-js pure HTML output.
Server
- Save cases
- This is the server-wide setting to decide how models should save their cases (sessions)
- Start server automatically
- Each Berkeley Bridge server (service) is hosted on an Microsoft Windows OS based server - should that server be restarted for any reason, this option will tell the service to automatically start. This is checked by default, which in most cases is what you really want.
- Server port
- When running services which need to be routable within a larger server environment, usually Apache, each service needs to have a port number associated to facilitate routing of Internet traffic. Changing the number in this field will lead to the server being un-routable. You should never change this unless you are also the administrator of the host Apache web server and can also maintain the proxy settings.
- Allow user to download case
- Tells the presentation layer that cases may be downloaded. This will likely be ignored by the layer.
- Allow access to this web administration interface
- If this is unchecked, you will no longer have access to webadmin.
- Escape interface output
- Mitigates the risk of Cross-site scripting (XSS) in the no-js pure HTML server output. As long as this is checked, which it is by default, the server will escape* all user input and model output that is displayed on screen. The reason for this is that a malicious user could fill the following into any text input field in a model:
<script src="some-malicious-external-script.js"></script>
If another user were to open this case (in no-js) and get to that node, this script would be applied, and with no other security measures taken, this script could be executed (if the browser is in fact capable of JS and somehow ended up in the no-js environment) - potentially hijacking the session to scrape confidential details or other more sinister attacks.
*Escaping is the method of HTML where we change certain character like < and > into their equivalent HTML entities < and > respectively. This makes the browser render the <script> tag as text, rather than processing the text as HTML.
NB: Escaping is done automatically and non-optionally in standard JavaScript enabled presentation layers.
- Turn on user IP log
- Tells the server to log the IP (Internet Protocol) addresses of users. This can be useful for future demographic analysis.
- Maximum file size
- This is the maximum file size for uploaded documents in any model which allows such activity. In most cases, around 5 MB is sufficient. In 1 Megabyte there are two to the power of 10 kilobytes - so 5 MB = 5(2<sup>10</sup>), which is 5120 KB
- Turn on detailed log (for debugging)
- When checked, this will cause the server to log far more activity than usual, which can be necessary when debugging, but can also cause a performance lag on the server. This option is mostly intended for test servers, with the exception of cases where a bug is only reproducible on a production server.
- Seconds before start
- Denotes the number of seconds the service should wait before starting up once executed - this is useful in situations where you have multiple services running in the same host environment - after that environment restarted, all those services could potentially start up at the same time, choking the host.
- Reply address
- This should always be root URL of your server.
- Reply port
- In most cases the port is the standard HTTP port (80).
- Proxy
- Since there could be multiple services running on any host server, each service needs to have a proxy name - this should not be changed unless you also maintain the host Apache server environment, and are aware of how to adjust the proxy settings there.
- Minutes to keep instance alive
- Denoted the number of minutes a case (session) can be kept in memory (RAM) before it should be moved to disk cache. Once the case is in the disk cache, it becomes slightly slower for the server to respond. If you run models which can take a long time to complete, and require fast response times, you can increase this field. Be aware though, if your server is also handling large numbers of concurrent sessions, you may run low on memory.
- Hours to keep session alive
- Denoted the number of hours of inactivity a session is allowed before the session is ended, forcing the user to have to re-login.
- Unique Server Number (soap cache)
- This can be used when multiple servers are used on a single host and have to be distinguished from one another. Used in combined caching databases or clusters.
- Use persistent jumplist
- When checked, this will force the jump list in a model to remain once the user has jumped back. In opposition, when unchecked, after a user has jumped back in the jump list, the jump list will empty back to the point the user has arrived at.
- Use all parameters from session (deprecated)
- When checked, if a user has logged into the server using a deep-link with username and password credentials in the URL, a model that is accessed will also be able to get those details by means of the
getparambynamefunction call. It’s unwise to check this unless you are certain you understand the risks. - Allow only connections from localhost
- Usually the host server environment is configured to allow multiple entry methods to any of its child Berkeley Bridge services. If however you check this box, only the preferred method will be allowed. This option can be useful if you are running a complicated host configuration with multiple services and need to route in a non-standard way.
- Use reference check text production
- Enable numbering in HTML and RTF text productions. See the help documentation for the Berkeley Document Designer if you want to know how to use this. If you do not have numbering in your templates, turn this option off: it will save time when generating texts.