HTTPS versus HTTP, the debate is over.


SSL is Secure Sockets Layer, i.e. HTTPS:// instead of HTTP://

Every web page that is sent via HTTP:// is in plain text and can easily be intercepted or even changed via what are known as "man in the middle" or "man on the side" attacks.

Mobile network providers often "improve" HTTP web pages by injecting their own scripts and images; often these unwanted "improvements" break the page being served. HTTPS prevents the carriers from being able to inject their own content.

Even when you only access the system via

How to test Access Control Limits (ACLs)?

Overview

Access Control Limits (ACLs) are the expression of the system's information security policies. They can be complex in nature, and it is vital that they not only be correct but also be seen to be correct. The ACL sanity checks give this business-level visibility into the information security policies.

All sanity checks in the base product are run as part of the system build process, which does not proceed if there are any failures.

The sanity checks allow for dummy data to be generated (but not saved) and the

Upgraded the default site SSL to get an A+ grade

Overview

The default SSL handler for the hosted sites has been upgraded to include "perfect forward secrecy" and we have dropped support for the weaker SSL ciphers.

Dropping the weaker SSL ciphers means old browsers such as IE7 on Windows XP will no longer be able to connect via HTTPS. IE7 will still be able to connect to the non-encrypted HTTP sites; alternatively, Windows XP users can use the more modern browsers Chrome or Firefox.

HTTP Strict Transport Security (HSTS) has been enabled by default, HSTS

How to use the "Web Folders" from Mac OS

You can use the cloud file manager as a web folder (WebDAV) on a Mac ("Map network drive") by launching Finder and choosing the menu item "Connect to server" from the "Go" menu.

Connect to server

Choose "Connect to a server"

Connect to server dialog

Then enter the URL of your Job Track server: https://hostname/dav

You'll then be asked for your user name and password:

Enter your user name and password

Now the files will be listed as if they were local to the Mac:

Mac using webdav

How to define a RESTful Web Service?

Overview

Representational State Transfer (ReST) has gained widespread acceptance across the Web as a simpler alternative to SOAP- and Web Services Description Language (WSDL)-based Web services.

The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, using HTTP/HTTPS.
 
The system allows a series of RESTful services to be defined. The ReST service will normally return a JSON object

What are the major changes since JobTrack 4 (Nov 2012)

The changes to the system have been broad over the 18-month development period.

  1. Moved to JDK7 after end of life period of JDK6
  2. Content Management System
  3. Cloud File Manager
    • Web Folders
    • Shallow Copy of files (duplicate files in different folders share the same raw file)
  4. New responsive control panel
  5. E-Commerce
  6. Enhanced login page and session management
  7. HTML5 validation of every generated screen
  8. iPhone & iPad support on standard screens
  9. Numerous performance improvements

Image searching feature

stSoftware uses the Lucene API to provide the document indexing for searching. The functionality of the Lucene core API is extended with the Lucene Image Retrieval (LIRE) API. When an image file is uploaded or changed in the cloud file manager, LIRE indexing is automatically performed on the image and the result is stored as a searchable attribute of the image file.

The system allows for searches of images with exact or similar image content based on the LIRE index. All documents (including images) have a SHA1 checksum performed

How to view current active sessions for a user?

Overview

By clicking on the "Welcome user name" you will be shown your user set up, with the list of current sessions.

If you see an IP address that is unfamiliar to you, we suggest you change your password immediately to secure your account against unauthorized access. Your current IP address is displayed below the table. In most cases, we guess the location by matching your IP address to a broad geographical location. The location and IP mappings might not always be accurate, especially in cases