Central Governance 1.1.3 Users Guide Save PDF Selected topic Selected topic and subtopics All content URL whitelist This section describes how to manage a URL whitelist by hostname, explicitly whitelisting URLs that are considered safe. Otherwise, only the following Central Governance hosts are enabled by default: The hostname defined during the Central Governance configuration localhost 127.0.0.1 Manage a URL whitelist To allow access to a URL, enter its hostname as an alternativeHostNames in the context parameter of this same web.xml configuration file. To add multiple hostnames, use a comma separated string. For instance, to allow redirecting to both host1.domain1 and host2.domain2, add the following context parameter: <context-param> <param-name>alternativeHostNames</param-name> <param-value>host1.domain1,host2.domain2</param-value> </context-param> Note that these hosts do not replace default values, nor do the defaults need to be listed here. To disable access to a URL, use a file editor to remove its hostname from the <Central_Governance>/runtime/<pasport_node>/passport/sso/webapps/ROOT/WEB-INF/web.xml configuration file. Deactivate whitelists To deactivate the hostname whitelist, set the enableWhitelist parameter value to false in the web.xml configuration file. If you simply delete this parameter, it is only deactivated until the next time you update (which re-enables it). Central Governance | Document Directory Related Links
URL whitelist This section describes how to manage a URL whitelist by hostname, explicitly whitelisting URLs that are considered safe. Otherwise, only the following Central Governance hosts are enabled by default: The hostname defined during the Central Governance configuration localhost 127.0.0.1 Manage a URL whitelist To allow access to a URL, enter its hostname as an alternativeHostNames in the context parameter of this same web.xml configuration file. To add multiple hostnames, use a comma separated string. For instance, to allow redirecting to both host1.domain1 and host2.domain2, add the following context parameter: <context-param> <param-name>alternativeHostNames</param-name> <param-value>host1.domain1,host2.domain2</param-value> </context-param> Note that these hosts do not replace default values, nor do the defaults need to be listed here. To disable access to a URL, use a file editor to remove its hostname from the <Central_Governance>/runtime/<pasport_node>/passport/sso/webapps/ROOT/WEB-INF/web.xml configuration file. Deactivate whitelists To deactivate the hostname whitelist, set the enableWhitelist parameter value to false in the web.xml configuration file. If you simply delete this parameter, it is only deactivated until the next time you update (which re-enables it). Central Governance | Document Directory