The Security tab allows you to configure security settings for the portal.
You can require all portal members to use the Signiant App to transfer files to storage.
Note: This is a licensed feature for on-premises storage.
The Trusted Referrers field specifies external domains that can serve embedded portals. You can embed a portal in another page or application to allow portal users access to the portal on another domain.
To include more than one trusted domain, enter each domain you want to include, separating each with a space.
If you are embedding a portal within a web application, the application can pass external encryption information using the browser window API, encrypting transferred data.
To use external encryption, your application must send initialization vector (IV) and encryption key via contentWindow.postMessage into the embedded portal iframe using iv and key:
<html>
<head>
<title></title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<script>
$(document).ready(function() {
$("iframe_id").width(800).height(600);
// Create compatible event handlers
var eventMethod = window.addEventListener ? "addEventListener" : "attachEvent";
var eventHandler = window[eventMethod];
var messageEvent = eventMethod == "attachEvent" ? "onmessage" : "message";
// Listen to message from iFrame
eventHandler(messageEvent,function(e) {
console.log('Parent received message: ', e.data);
if (e.data.type && e.data.type === 'MediaShuttlePortalReadyForMessages') {
document.getElementById("iframe_id").contentWindow.postMessage(
{
"iv": "{iv}",
"key": "{key}",
"type": "EncryptMediaShuttleTransfer"},
"https://{PortalName}.mediashuttle.com");
}
},false);
});
</script>
</head>
<body>
<iframe src="https://{PortalName}.mediashuttle.com"
style="width: 800px; height: 600px" id="iframe_id"></iframe>
</body>
</html>The vector and key must match the following regular expression pattern:
iv - /[0-9A-Fa-f]{32}/g;key - /[0-9A-Fa-f]{64}/g;The Signiant App uses an AES-256-CTR algorithm to encrypt files and must be decrypted by an external application such as LibreSSL:
$ openssl enc -d -aes-256-ctr -in <name of encrypted file> -out <output file name> -K <key> -iv <iv>Note: The trusted referrer must store the initialization vector and encryption key securely to allow decryption at a later time. When external encryption is used, portal members cannot use other send portal content protection.
You can specify the level of authentication used to access your portal and transfer files. You can also specify whether content can be downloaded by other users that are not portal members.
You can enable and disable additional security features based on your portal type.
Send portals allow content protection, providing encryption for content in storage, and protecting content by setting a passphrase for downloads. This feature is overridden by external encryption used in embedded portals.
File requests or transfers via the System-to-Person API can Allow Unauthenticated Links for file transfers. If enabled for uploads or downloads, portal members can send content to, or request content from, portal members and non-members, allowing the sender or recipient to transfer files without logging into the portal. If disabled, all users must log into the portal before transferring content.
Send and Share portals can also Allow recipient picking to use autocomplete to pick recipients from a list of the portal's current members.
Media Shuttle provides secure user accounts and password protection to restrict access to portals as required. If your organization uses Single Sign-On using a SAML identity provider, you can integrate Media Shuttle within your existing user management process. Click here to learn more about configuring SAML with Media Shuttle.