DELL 8132 ユーザーズマニュアル
Web Server Commands
1767
84
Web Server Commands
If enabled, the PowerConnect is manageable via industry standard web
browsers. User privilege levels are the same as for the CLI. Over 95% of the
management functions are available via the web interface, including
configuration and firmware upgrades.
Web Sessions
The HTTP protocol does not provide support for persistent connections.
Connections are constantly made and broken so there is no way to know who
is accessing the web interface or for how long they are doing so. Additionally,
with the use of basic authentication the user authorization is handled by the
client browser. This means that once entered, the user name and password are
cached in the browser and given to the server on request. Effectively, once a
user logs in to the switch, they have access until the browser closes, even
across reboots of the switch. This poses a security threat.
The Web Sessions feature makes use of cookies to control web connections,
The Web Sessions feature makes use of cookies to control web connections,
sessions. Cookies must be enabled on the browser. The Set-Cookie directive is
sent only once at initiation of the session. With the introduction of Web
Sessions the client connections can be monitored and controlled. Web
Sessions put the authentication control in the PowerConnect instead of the
client browser resulting in a more efficient implementation that allows web
access while using Radius or TACACS+ for authentication.
The web login is implemented in the login page itself instead of a client
The web login is implemented in the login page itself instead of a client
browser popup. Additionally, there is a logout button, always present on the
web interface. There are various commands that have been modified or added
to support Web Sessions. Similarly there are modifications to some of the
web pages. Support of SNMP configuration for Web Sessions is also available.
When the authentication method set for web login authentication is set to
When the authentication method set for web login authentication is set to
TACACS+, the exec shell configuration on the TACACS+ server is used to
determine user permissions (read-only or read/ write). If the configured value
on the server is 15, the user is given read-write permissions. Any other value is
read-only. If exec shell feature is not enabled on the server, the user is given
read-only permissions.
2CSPC4.X8100-SWUM102.book Page 1767 Friday, March 15, 2013 8:56 AM