When the password duration is non-zero, new employees added to the system will have their initial password (set by the administrator) immediately expire. This forces the employee to specify new login and signature passwords upon their first login to CATSWeb.

If this feature is enabled, AssurX recommends that a minimum of two users be granted the Administrate privilege. If an administrator in a single-administrator system has their access permission revoked, there would have no means of accessing CATSWeb Manager to restore their access permission. AssurX technical support has tools that can resolve this quandary, but it is best avoided in the first place.

• The Max Attachment Size parameter should be smaller than the IIS Request Filtering setting: Maximum allowed content length (Bytes).
  
  
• Time Zone Offset - This setting is typically left at its default value of 0 (zero) and is primarily for use with AssurX hosted systems. If the CATSWeb servers are located in a different time zone from the majority of CATSWeb users, a time zone offset may be entered to shift the time used by CATSWeb. CATSWeb uses the server time plus the time zone offset, in hours. For example, if the servers are located in Texas (Central time) and your company is based in New York (Eastern time), a time zone offset of 1 would be appropriate. If your company is based in California (Pacific time), an offset of -2 would be appropriate. If your company is in the same time zone as the servers, the default value of 0 is correct.

  The Time Zone Offset does not need to be changed to accommodate daylight savings time, this is handled automatically by the server clocks. If you are in a region that does not use daylight savings time, then it will need to be modified at the daylight savings time transitions.
  
  

• Inactivity Timeout - The optional Inactivity Timeout parameter specifies how many minutes of inactivity must elapse before a CATSWeb session is invalidated. Enter 0 (zero) to disable the inactivity timer. An activity in CATSWeb is any action that requires a response from the CATSWeb web server components. This includes user actions such as loading a page or form, submitting a form, etc. Each time a user performs an activity, their timer is reset. Actions which are not considered activities, and therefore do not cause the timer to be reset, include viewing CATSWeb help pages, entering data into a form without submitting it, scrolling a loaded page, mouse movements, etc.

  Setting a non-zero inactivity timeout will marginally degrade CATSWeb response times. The reason is that inactivity tracking requires CATSWeb to update the user's session record on each page request or submission. Normally the session record is not updated at all. Administrators should avoid setting inactivity timeouts that are too short, as that can lead to user frustration. For example, if it sometimes takes up to 15 minutes to fill out and submit a complex form, an inactivity setting of 10 minutes will invalidate the user's session while they are still entering information into the form.
  
  When the CATSWeb session is invalidated as a result of an Inactvity Timeout, the CATSWeb Login page will be displayed the next time a button or link is clicked (with the exception of help).

• Restrict ID/Name Reuse- Enabling this option causes CATSWeb to disallow reuse of any EmployeeID or Employee Name in a new Employee record, or in an edited Employee record.
  Administrators that enable this feature should take particular care while adding or editing Employee records. If a typographical error is made in the name or ID, both the name and ID will be "burnt" and cannot be reused
  
  This feature is designed to absolutely prevent the following rather unlikely scenario:
  
  • Bob Jones is a CATSWeb user with EmployeeID BJones.
  • Bob Jones retires from the company, and his Employee record is deleted from CATSWeb.
  • A new employee joins the company 2 years later, coincidentally with the same name (Bob Jones). The CATSWeb administrator adds him to the system with Employee ID BJones.
  • Signatures added by the retired BJones will appear identical to signatures added by the new BJones (but with different time periods indicated in the signature dates).
    
    
• Dual Authentication for Password Resets - Enabling this option requires two administrators to collaborate to reset any user's password. Each administrator must login independently and click the password Reset link on the Employee page. When the first administrator clicks the link, they receive a confirmation message advising them that a second administrator must repeat this action.  When the second administrator clicks the link, the user password is actually reset.
  
  
• Request Passwords via E-mail - Enabling this option allows users to request that their login passwords be sent to them via E-mail. A similar setting in the Employee and Personality pages (Miscellaneous section) allows this capability to be gated for individual users or groups of users.
  
  The request is made via the CATSWeb Login page by entering an Employee ID, checking the request box, and submitting the Login page. CATSWeb then sends the specified user's password to the E-mail address specified for the user in their Employee record. The request box will not be present on the login page unless a registry setting has been added to enable it, as described in CATSWeb Installation Guide and/or other documentation associated with this feature.
  
  

  Important

  Note that anyone can make this request for any user, since the requestor has not yet been authenticated. Therefore, this option should not be enabled if a user's E-mail inbox or the E-mail routing system is not secure, or if there is a reasonable chance of the message being intercepted by someone other than the user it is intended for.

  
  
• Interface Preference - The global default Interface Preference for the system. This default may be overriden for specific users via the settings in Personality or Employee records, or users may choose their own Interface Preferences on the My CATSWeb page is they have been granted that permission.
  
  
• Home Page Type - Present only when the Dashboards feature is installed, this setting is the global default for the type of Home Page (Classic Home Page or Public Dashboard). Users see the selected Home Page when they first login to the system, or anytime they click the Home link in page headers and footers. This default may be overriden for specific users via the settings in Personality or Employee records. The Choose Home Page permission determines if the user can choose their own Home Page from the My CATSWeb page.
  
  
• Public Dashboard - Present only when the Dashboards feature is installed, this setting allows a specific Public Dashboard to be selected for use as the global default Home Page.
  
  
• Proxy Signature Mode - When set to Permissive, users with no Proxy Signature Permissions set in their Employee record can accept proxy signatures from any other user capable of applying proxy signatures. When set to Restrictive, users with no Proxy Signature Permissions set in their Employee record cannot accept proxy signatures from any other user capable of applying proxy signatures. See Managing Proxy Signatures for more information.
  
  
• Proxy Signature Comment - When set to Basic, the standard comment indicating that a proxy signature was made is appended to the Signature comment. When set to Extended, additional information on the Proxy Signature Permissions which allowed the proxy signature to take place is appended to the comment. See Managing Proxy Signatures for more information.
  
  
• Managerial Restriction Mode - Indicates the mode used for Managerial Restrictions.
  
  
• Subscriptions Section - The Subscriptions section will only be present if the optional Subscriptions feature is installed. The section contains these settings:
  
  
  • Web Feed Format - This setting will be present if the Web Feeds option is installed. Choose the Web feed format that will be the default format for the system (Atom or RSS 2.0). Many feed readers support both formats. Atom is the preferred format because it supports multiple enclosures (multiple enclosures = multiple file attachments in CATSWeb) while the RSS 2.0 specification does not. Future AssurX enhancements to the Subscriptions feature may require Atom when subscriptions is accesed as a Web Feeds. Such enhancements may not be available if RSS 2.0 is the specified format.
    
    
  • Item Lifetime (days) - When users access their subscriptions and cause subscriptions items to be generated, the items are stored in the CATSWeb database. This setting specifies the maximum duration for storing the items, in days. CATSWeb will periodically purge items that are past their lifetime.
    
    If the users typically check their subscriptions daily from a single location, or primarily use subscription item delivery via daily E-mail, (via the E-mail Feeds option) you may wish to specify a short duration, such as a few days or so. But if users check their items less frequently, or access them from multiple locations, a longer duration may be appropriate. For example, some users may have secondary computers that they use infrequently, but still want the ability to "synch" these computers with the CATSWeb system every few weeks. In such a case, a lifetime of 2-3 weeks might be more appropriate.
    
    
  • Dynamic Image Lifetime (days) - Subscriptions to graphical display parts, such as charts and indicators, cause new images to be generated whenever new subscription items are generated. These dynamic images are stored in the CATSWeb database and referenced in the HTML that makes up the subscription items. This technique allows them to be accessed at any time, and prevents "missing image" problems in deployments with multiple, load-balanced Web servers. The Dynamic Image Lifetime setting specifies the maximum duration for storing the dynamic images, in days. CATSWeb will periodically purge images that are past their lifetime.
    
    You may find it beneficial to set this lifetime longer than the Item Lifetime, if users access their subscription items via Web feeds or E-mail. Although feed readers and E-mail clients both cache the items they receive, some may not cache the images referenced by the HTML in the items. If they do not cache the referenced images, then they are depending on the image being present at its source (i.e. the CATSWeb system). If the image lifetime is exceeded and the source image no longer exists, these feed readers and E-mail clients would then display a missing image indicator instead of the display part image.