Just a second...

Configuring Diffusion web server security

When configuring your Diffusion™ web server, consider the security of your solution.

Digest authentication

Digest authentication can be utilized to negotiate credentials with a user's web browser. It is applied to specific directories on your web site. The protection of one directory automatically applies protection to all lower directories as well.

Use the realms element in the WebServer.xml configuration file to add new realms to a virtual host and to store the user's name and the passwords.

HTTP deployment

You can deploy DAR files to a Diffusion server through a web service. This web service does not run by default, but can be enabled for your test environment by editing the provided WebServer.xml configuration file to include the commented out deploy-service.

Warning: Access to the deploy web service is not restricted. Do not enable this web service in your production environment unless you restrict access to the diffusion-url/deploy URL by other means, for example through your firewall setup.