Configure CSM Web Application Settings (URLs, Timeouts, RSS Feeds)

Use the Browser Application Settings window inCSM Administrator to configure web application settings.

You can:

  • Define URLs to the Browser Client and CSM Portal.
  • Set session timeout. In CSM Browser Client and CSM Portal, users are given a warning two minutes before the specified timeout is reached, with an opportunity to remain logged in. If they do not choose to remain logged in, they are logged out when the timeout is reached.

    We recommend setting the session timeout to 90 minutes. You will also need to configure the application pool in IIS to have a value of at least 5 minutes greater than the session timeout. CSM cannot make this change directly.

  • Enable or disable embedded frames, choose to send detailed error information to the client, control linked attachments (attachments via links instead of direct file attachment), and disable password auto-complete.

To configure web application settings:

  1. In CSM Administrator, open the Browser Application Settings window (Browser and Mobile > Browser Application Settings).
  2. Configure URLs that are used to generate a URL for launching one of the web applications (example: when sending out approvals).
    • Specify the base URL for the CSM Portal (example: https://MyServer/CherwellPortal).
    • Specify the base URL for the CSM Browser Client (example: https://MyServer/CherwellClient).
  3. Set a Session Timeout, which is the number of idle minutes the system should wait before timing out inactive sessions.
  4. Configure web application security settings:
    • Select the Do not allow the browser applications to be embedded in a frame check box to disable web applications from being embedded within the frame of another web page.
    • Select the Do not send detailed error information to client check box to prevent the web applications from sending detailed error information when errors occur.
    • Select the Disable linked attachments in the browser applications check box to disable attachments created from links instead of direct attachments.
    • Select the Disable password auto-complete on login page check box to disable auto-complete for passwords during login. This requires users and customers to type their full passwords every time they try to log in to the web applications.
  5. Select OK.