CobbleStone Documentation Wiki Welcome Guest: 10/25/2025 8:36:25 AM
 
View for Version
 
 
Contract Insight Version:
select
Version Released On:
Friday, October 8, 2021
 
   
 
Search
 
 

search text
Search 
 
   
 
Navigation
 
 
 
   
Configuration Group: Security   
Page last modified on Tuesday, September 4, 2018 10:48 AM (by Nash DeVita) (initially created on Thursday, March 15, 2012 1:30 PM)
Assigned to: App Config: Configuration Groups
  Generate Manual Print View
 
Page Content
 
 

Application Configuration: Config Settings

Configuration Group: Security

The Security configuration group includes application configuration settings for the basic setup and management of the security features.



Content Group:

Client Defined Header Content: This setting allows you to specify the content via a Microsoft Word-like HTML text editor for the header of every page in Contract Insight. See the App Config: Overview Wiki page for more information about the HTML text editor.

Confidentiality Message on the Login Page: This setting allows you to change and set the confidentiality message on the initial login page that all users will see when they go to login.  This setting allows you to add your organization's own confidentiality message using a Word-like HTML text editor.  See the App Config: Overview Wiki page for more information about the HTML text editor.

Document Collaboration with Legal Hold: When set to True, this setting allows document package merging and signing for a record set to Legal Hold.

Restricted File Types for Upload: This setting allows you to specify (in a comma separated list) the file extensions to be prevented from being uploaded and attached to records.

 

Email Attachments Group:

Attachment Expire Days: If using email attachments as links (described below), this setting allows you to set the number of days a link to an attachment will remain valid.

Authenticated Email Download: If set to True, this setting allows users to download email attachments without being authenticated.

Email Attachment Type: This setting allows you to specify if emailed attachments sent through Contract Insight are sent as links or if a copy of the file is sent.

 

Field Validator Group:

Enable Rules-Based Fields Validator: If set to True, rules-based field checks for the field validator are enabled.

Enable Required Fields Validator: If set to True, a validation message appears at the top of a record if required fields are not completed.

 

General Group:

Audit Logging form IIS:
This setting, when set to True, permits the system to insert log file entries at the page level into the database.

CSRF Page Monitor: If set to True, this setting enables enhanced Cross Site Request Forgery for pages within Contract Insight. This setting may not be compatible with some VPN or SSO connections.

Display Friendly Error Messages: If set to True, this setting enables the display of friendly error messages and storing of error logs.

Force HTTPS (SSL): If set to True, only HTTPS links will be used for Contract Insight. For organizations hosting their own server for Contract Insight, ensure you have your Secure Certificate (SSL Cert) installed on your server.

Payment Types to Pay Vendors/Suppliers: This setting allows you to specify (in a comma separated list) the payment types for paying vendors and suppliers.

Show in External Frames/Sites: If set to True, this setting allows Contract Insight to be displayed in external site frames.

Web Services Authentication Code: This setting sets the Authentication Code used to access Contract Insight Web Services if they have been purchased by your organization.

 

Log Retention Group:

Data Import Manager Log History Retention: With this setting, set the number of days to keep the log history for the Data Import Manager.

DBI Logs History Retention: With this setting, set the number of days to keep the log history for the Database Integration Manager.

Error Logs History Retention: With this setting, set the number of days to keep the log history for Error Logging.

IIS Audit Log History Retention: With this setting, set the number of days to keep the log history for IIS Logging.

Scheduler Manager Log History Retention: With this setting, set the number of days to keep the log history for the Scheduler Manager.

 

Login Group:

Application Login Method: This setting specifies the type of login method being used by your organization. Standard authentication is the default login method. Integrated

Integrated Login Prompt: This setting enables, if set to True, a login prompt to display requesting a Username and Password if Active Directory login or ADFS login attempts should fail.

Login Page Redirect: Specify if the login page allows for redirecting to a specific Contract Insight page should the user's session time out.  Please note that if this setting is set to True and a user's session times out, unsaved information will be lost and will need to be re-entered.

Prevent Account Sharing Prompt: This setting allows your organization to enhance security and auditing to prevent multiple simultaneous logins from the same Employee Account.

Redirect URL on User Logout: For use with SSO, the URL for user redirection on sign out of Contract Insight.


Passwords Group:

Encrypt User Passwords: If set to True, will encrypt Internal (Employees') AND External (Vendors/Clients for the Vendor/Client Gateway Optional Add-On Module- ONLY if your organization has purchased this Optional Add-On Module will this be affected) passwords in the back-end (database side), which helps conform with client-related sensitive data policies.

Monitor Password Complexity: Enables (True) or Disables (False) the tracking and management of password complexity.

Employee Password Length: If the "Monitor Password Complexity" setting is set to "True", this setting allows you to set the minimum length required for Employee passwords.

 Password Requires Alpha (lowercase): If the "Monitor Password Complexity" setting is set to "True", Employee passwords must contain at lease one lowercase letter.

Password Requires Alpha (uppercase): If the "Monitor Password Complexity" setting is set to "True", Employee passwords must contain at least one uppercase letter.

Password Requires Numeric: If the "Monitor Password Complexity" setting is set to "True", Employee passwords must contain at least one number.

Password Requires Special Characters: If the "Monitor Password Complexity" setting is set to "True", Employee passwords must contain at least one special character.

Password Reset Days: This setting allows you to specify the number of days before an Employee is required to reset their password.


 
   
 
Related Wiki Video Tutorials
 
 
 
   
 
Page Tags (Keywords)
 
 
 
   
 
Files & Attachments
 
  
   
 
CobbleStone Software |  Contract Insight Wiki |  version: 17.1.1.171020
CobbleStone Software is developed in the U.S.A.