Web server commands, Web sessions, Web server – Dell POWEREDGE M1000E User Manual


Web Server Commands


If enabled, the PowerConnect is manageable via industry-standard web browsers. User privilege levels are the same as for the CLI. Over 95% of the management functions are available via the web interface, including configuration and firmware upgrades.

Web Sessions

The HTTP protocol does not provide support for persistent connections. Connections are constantly made and broken so there is no way to know who is accessing the web interface or for how long they are doing so. Additionally, with the use of basic authentication the user authorization is handled by the client browser. This means that once entered, the user name and password are cached in the browser and given to the server on request. Effectively, once a user logs in to the switch, they have access until the browser closes, even across reboots of the switch. This poses a security threat.

The Web Sessions feature makes use of cookies to control web connections and sessions. Cookies must be enabled on the browser. The Set-Cookie directive is sent only once, at initiation of the session. With the introduction of Web Sessions, the client connections can be monitored and controlled. Web Sessions put the authentication control in the PowerConnect instead of the client browser, resulting in a more efficient implementation that allows web access while using RADIUS or TACACS+ for authentication.

The web login is implemented in the login page itself instead of a client browser popup. Additionally, there is a logout button, always present on the web interface. Various commands have been modified or added to support Web Sessions. Similarly, there are modifications to some of the web pages. Support of SNMP configuration for Web Sessions is also available.

When the web login authentication method is set to TACACS+, the exec shell configuration on the TACACS+ server is used to determine user permissions (read-only or read/write). If the configured value on the server is 15, the user is given read-write permissions. Any other value is read-only. If the exec shell feature is not enabled on the server, the user is given read-only permissions.
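
The contrast described above, as an added Python model that is not PowerConnect code: basic authentication trusts credentials the browser resends on every request, while a server-side session table can be inspected and revoked on the device. The `SID` cookie name, the `HttpOnly` attribute, the in-memory table and the `USERS` store are assumptions for illustration; the `priv_lvl` argument stands for the exec shell value returned by the TACACS+ server.

```python
import base64, secrets
from http.cookies import SimpleCookie

USERS = {"admin": "s3cret"}  # constructed stand-in for the local/RADIUS/TACACS+ check

def check_password(user, password):
    expected = USERS.get(user)
    return expected is not None and secrets.compare_digest(expected.encode(), password.encode())

def basic_auth_ok(headers):
    """Basic auth: the browser resends its cached credentials on every request."""
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme != "Basic":
        return False
    try:
        user, _, password = base64.b64decode(blob, validate=True).decode().partition(":")
    except ValueError:  # bad base64 or undecodable bytes
        return False
    return check_password(user, password)

def tacacs_access(priv_lvl):
    """Rule from the text: 15 is read-write; any other value, or none, is read-only."""
    return "read-write" if priv_lvl == 15 else "read-only"

class SessionTable:
    """Server-side sessions: the device holds the state, so it can list and revoke it."""
    def __init__(self):
        self.sessions = {}  # session id -> user and access; assumed in-memory only

    def login(self, user, password, priv_lvl=None):
        if not check_password(user, password):
            return None
        sid = secrets.token_urlsafe(32)  # unguessable identifier; hypothetical format
        self.sessions[sid] = {"user": user, "access": tacacs_access(priv_lvl)}
        return {"Set-Cookie": f"SID={sid}; HttpOnly; Path=/"}  # sent once, at session start

    def lookup(self, headers):
        morsel = SimpleCookie(headers.get("Cookie", "")).get("SID")
        return self.sessions.get(morsel.value) if morsel is not None else None

    def logout(self, headers):
        """Logout button: remove the session so the old cookie stops working."""
        morsel = SimpleCookie(headers.get("Cookie", "")).get("SID")
        return morsel is not None and self.sessions.pop(morsel.value, None) is not None
```

In this model a fresh `SessionTable()` stands for the switch after a reboot: a cookie issued earlier no longer resolves, whereas the same `Authorization` header is still accepted.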

2CSPC4.XModular-SWUM200.book Page 1615 Thursday, March 10, 2011 11:18 AM
