Introduction
White list security is a feature in LearnFlex that allows administrators to specify those IP and/or domains used by an authentication provider. White list security also allows you to configure IP addresses and/or domains used by web services.
Important: White List security requires additional configuration before it can be used as a security feature and is not applicable to all implementations of LearnFlex. Contact your LearnFlex representative for information.
Procedure
1. From the Security menu, select White List Security.
Note: This menu is displayed when security setting 861: White List Security Interface is enabled.
The following screen is displayed:
White List Security – Main Screen
This screen allows you to add and delete a white list security entry.
To delete a white list security entry:
In the table (lower section of the screen):
1. Click Delete by the IP/domain that you want to remove.
You will be asked to confirm the deletion.
2. Click OK.
The IP/domain is removed from the table.
To add a white list security entry:
1. In the White List IP/Domain field, enter the IP address or domain that will be allowed to access LearnFlex upon logging in.
The combination of this value and type (explained below) must be unique.
2. Use the Type drop-down list to indicate how LearnFlex will filter access.
Selecting Authentication Provider will filter access to LearnFlex when logging in, while selecting Web Service will filter using LearnFlex web service APIs.
3. Use the Server Request drop-down list to indicate if the White list security entry is a domain name (HTTP_REFERER) or an IP address (REMOTE_ADDR).
4. Use the Comparison drop-down list to indicate if IP address/domain specified earlier must match exactly (Equals) or simply contain (Contains) the entry within the stored list of IP addresses and domains.
The exact match is not case-sensitive.
5. Click Add.
You will receive a message indicating whether or not the IP/domain was successfully added to the list.