Jump to content


Popular Content

Showing content with the highest reputation since 04/27/19 in all areas

  1. 2 points
    Hey Everyone, Just a quick message to say we are very close to releasing a beta of our new Chrome extension. Possibly in the next couple of weeks, and this feature is in the new version:) We'll be announcing the beta release on Social Media soon, and we'll report back here to, and you are all welcome to test it out. Thanks again, Support.
  2. 1 point

    Update failure, permisions?

    This was helpful, thank you!
  3. 1 point
    We have a high availability setup in Azure for Passwordstate that consists of a Traffic Manager, and 2 sets of App Gateway load balanced clusters in different regions. We have encountered and issue with what happens when the DB is unreachable from a single region. Currently in Azure, the load balancing health checks available only look for "good" HTTP status codes and strings to determine health for the backend pools. In the case of Passwordstate, if one of the redundant servers/clusters behind the load balancing loses the ability to connect to the DB, the webserver still produces a good code, the health probe doesn't fail , and requests are still sent to the available server/cluster. There doesn't seem to be a way in Azure to probe, for example, a 200 webserver code and match a string from the DB error page to have the load balancer trip (again, it only operates on good results for a health check). Any thoughts on how to solve for this? The limitations are in Azure, but I'm wondering if it makes more sense (or can have an option) to throw a true HTTP error code for that condition? A 500 or a 503 (I'd settle for a 418 just to get past this), just something outside of 200-399 range which is the default "good" range for the Azure App Gateways and Traffic Managers. I'm digging into a string match, but as we use SAML and AAD for authentication, the number of redirects makes it difficult to determine what would be a consistent string in a page that won't be on the DB Error page that gets served. This is probably doable but seems like a long way to go. Anyway, appreciate any thoughts here. Thanks.
  4. 1 point
    This is an excellent point and I hadn't considered it for our own HA implementation. We use F5s across two DCs rather than having Passwordstate in Azure, but we'd have the same issue. A 503 should be thrown, with a custom error page detailing the exact nature of the failure. IE: "Application is up, database is down". Suggest this be moved to feature requests for implementation.
  5. 1 point

    multiple authentications

    Hi Alan, Thanks for your enquiry and yes this is possible. Navigate to the screen Administration -> System Settings -> Allowed IP Ranges tab, specify your "trusted" internal IP ranges, and then select an alternative authentication option is accessed from and IP Address which is not trusted. We hope this helps, and please let us know if you have any further questions about this. Regards Click Studios
  6. 1 point
    Hi Kurt, We've seen this a couple of time before if customers have tried to install the launcher more than once - because a configuration file is changed during the install, the uninstaller does not remove it unfortunately. Can you uninstall the launcher, manually delete the folder C:\Program Files (x86)\Passwordstate Remote Session Launcher, and then re-install the launcher again. This should fix it for you, but please let us know if it does not. Regards Click Studios
  7. 1 point
    Hello, At the moment it is not possible, but it is coming in new versions of the browser extension - we should have a Chrome beta available soon, with Firefox being worked on whilst the Chrome beta is underway. Regards Click Studios
  8. 1 point
    Hi Guys, Just letting you know that we've released build 8627 today, which includes your request mentioned above. Thanks for the suggestion - we appreciate it. Regards Click Studios
  9. 1 point

    HTTP Security Headers

    Hi Guys, We've added the mentioned security headers in build 8600. Regards Click Studios
  10. 1 point

    Security architectural diagram

    Hi Everyone, We've now published a document at the link below, and will update this if necessary: https://www.clickstudios.com.au/downloads/version8/Passwordstate_Open_Port_Requirements.pdf Regards, Support
  11. 1 point

    HTTP Security Headers

    Hi Guys, We've add most of these in for the next release, except for Content-Security-Policy - we'd need to do some more investigation/testing to know whether this would impact anything. Regards Click Studios