Change comment:
Fixed documentation
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. evalica1 +XWiki.ThomasMortagne - Content
-
... ... @@ -42,7 +42,7 @@ 42 42 * //xwiki.authentication.validationKey// 43 43 * //xwiki.authentication.encryptionKey// 44 44 45 -See the [[Authentication parameters section>>Documentation.AdminGuide.Authentication#HAuthenticationparameters]] for more details. 45 +See the [[Authentication parameters section>>Documentation.AdminGuide.Authentication.WebHome#HAuthenticationparameters]] for more details. 46 46 47 47 In future versions we'd like to generate random and host-dependent key pairs at installation time (see the following [[issue>>https://jira.xwiki.org/browse/XWIKI-542]] for details). 48 48 ... ... @@ -49,7 +49,8 @@ 49 49 === Encrypt cookies using IP address === 50 50 51 51 Even if the password cannot be extracted from the cookie, the cookies might be stolen (see [[XSS>>Documentation.AdminGuide.Security#HCrossSiteScripting]]) and used as they are. 52 -By setting the //[[xwiki.cfg>>Documentation.AdminGuide.Configuration#HSamplexwiki.cfg]]// parameter ##xwiki.authentication.useip## to true you can block the cookies from being used except by the same IP address which got them. 52 +To limit that by default the cookies are blocked from being used except by the same IP address which got them. 53 +You can disabled this by setting the //[[xwiki.cfg>>Documentation.AdminGuide.Configuration#HSamplexwiki.cfg]]// parameter ##xwiki.authentication.useip## to false. 53 53 54 54 == Override version information == 55 55
