Status Bar Updates
Status bar will no longer immediately show an orange Publishing error if a sync error occurs, it will stay blue and continue to attempt to Publish Content to the web server for 5 minutes. An alert icon is shown to indicate any current sync errors. After 5 minutes of attempting to publish content, the status bar will become orange and display the Publish Failed message.
Attempting to Publish with an Error indicated:
After 5 minutes of re-trying, the orange Publish Failed bar is displayed:
Digital Content RSS Feed Validation Updates
- Date element is now RFC-822 formatted
- Description element is now included in Channel element
User Login/Password Policy Management Updates
Site administrators now have more control over their password and account policy management. This includes password expiry, policies preventing you from using a previous password, password attempt lockouts, and idle session logout.
In order to update the password expiry, stored passwords, max failed login attempts and idle session timeout, go to the Settings section in Agility and select Agility Global Security.
Password Expiry
-
The number of days before a user is required to change their password
-
Values include ‘Never, 30 Days, 60 Days, 90 Days, 6 Months, 1 Year, 2 Years’
-
User will be emailed 30 Days (if set to greater than 30 days) prior to expiry notifying them to change their passwords
Stored Passwords
-
If configured, will prevent users from using previous passwords
-
Allowable values include 1-10 last passwords
Max Failed Login Attempts
- The number of failed login attempts a user is allowed to have before having their account suspended
- Allowable values include ‘No Lockout, 3 Attempts, 5 Attempts, 8 Attempts, 10 Attempts’
Idle Session Timeout
- The number of minutes of idle time before a session is timed out
- Allowable values include ‘Never, 15 minutes, 30 minutes, 1 hour, 2 hours, 4 hours’
Account Suspension
User accounts can now be suspended under Settings > Agility User Security > select a user and then check the box labelled “Suspended”. A “Suspended” user will receive a message next time they attempt to login notifying them that their account has been suspended.
Rich Text Editor Updates
The Telerik Rich Text Editor has been updated to the latest version. This includes numerous bug fixes from the vendor.
See here for more details.
Securing Custom Reports
There is now a built-in mechanism to secure your custom reports from use outside of the Agility Content Manager. All custom reports in Agility are loaded within an iFrame and will now have a HASH and USER appended to the querystring. Using these values, a developer can perform their own logic to secure your custom report.
Sample incoming iframe request from Agility Custom Reports:
http://mywebsite.com/my-custom/report/hash=2GmBcdIEUR0Ljsm8L9Kd9M1ocOs%3d&user=John+Doe
Formula to authenticate custom report request (C#):
string websiteName = "...";
string user = Request.QueryString["user"]'
string securityKey = "...."; //insert your website security key here
byte[] data = UnicodeEncoding.Unicode.GetBytes(string.Format("{0}.{1}.{2}.{0}", websiteName, securityKey, user, websiteName));
SHA1 shaM = new SHA1Managed();
byte[] result = shaM.ComputeHash(data);
string hash = Convert.ToBase64String(result);
//compare the hash to the one in the incoming request query string.
