Connections and how to implement further security measures to protect sensitive information.
Allowing third-party applications access to data via the OAuth2 protocol
Allow third-party applications to ask your IBM
Connections users for access to their data.
Enabling virus scanning
Edit configuration property settings to force the applications that handle uploaded files to scan all files for viruses.
Forcing users to log in before they can access an application
Change the access levels of members or groups to require them to provide credentials before they can access an IBM
Configuring single sign-on
Set up single sign-on integration between IBM
Connections and other IBM
products and third-party security products.
Configuring the AJAX proxy
By default, the IBM
Connections AJAX proxy is configured to allow cookies, headers or mime types, and all HTTP actions to be exchanged among the IBM
Connections applications. If you want to change the traffic that is allowed from non-IBM Connections services, you must explicitly configure it.
Securing applications from malicious attack
Connections provides security measures, such as an active content filter and content upload limits, that you can use to mitigate the risk of malicious attacks. Because these security measures can also limit the flexibility of the applications, you, as the system administrator, must evaluate the security of your network and determine whether or not you need to implement them.
Forcing traffic to be sent over SSL
You can configure IBM
Connections to force all traffic that passes between an IBM
Connections server and a user's web browser to be sent over the Secure Socket Layer (SSL).
Assuming that you have completed the server setup previously described, to enable locked domains in IBM
Connections, specify an additional atrribute in the LotusConnections-config.xml to ensure that only ConnectionsOpensocial application is mapped to the locked domain host.