...
Copy the PhixFlow webapp from the unpacked release package into Tomcat and configure it. See Install PhixFlow Webapp for details.
Start PhixFlow
You should now be able to start Tomcat and , start the PhixFlow client and login as the startup user (password: 'Startup')This confirms that you have successfully completed the basic installation.
System Configuration
Configure the directories under System Directories. See System Configuration for details.
...
You should immediately create new users, including at least one administrator, then disable or delete the startup user.
Import Component Templates (if required)
Import the component templates file if this is your first PhixFlow instance.
See Import Template Components and Styles for more information on when and how to install the templates.
Configure HTTPS
...
PhixFlow should always be configured to allow HTTPS connections to the webapp and to disable HTTP access.
Info | ||
---|---|---|
| ||
If you want to make your web server visible on the default ports (http: 80, https: 443) on Linux, we recommend using a reverse proxy. In this configuration, the reverse proxy runs as root, which allows it to use privileged ports (up to 1000), and forwards requests to the web server which runs as a non-privileged user (normally 'tomcat'), on non-privileged ports (above 1000). |
Warning | ||
---|---|---|
| ||
Do not run Tomcat as root on Linux as this constitutes a security risk. |
Reverse Proxy
We recommend that this is implemented using a reverse proxy to terminate the HTTPS session and to forward web requests using HTTP to the Tomcat server. This solution requires that the proxy and tomcat servers run on a private network (or on the same server), and that the tomcat server is not directly accessible by normal users.
...
To configure IIS as a reverse proxy on Windows, see here.
Tomcat
It is also possible to configure HTTPS directly in tomcat.
Configure for Resilience (optional)
...
PhixFlow can be configured to allow users to be validated against one or more Active Directory servers in addition to users that are defined locally withing within the PhixFlow database.
See the PhixFlow Configure Active Directory Guide for Integration for details.
Configure for SAML / Single Sign-on Users (optional)
PhixFlow can be configured to allow users to be validated against a single SAML Identity Provider in addition to users that are defined locally within the PhixFlow database.
See Configure SAML Integration for details.
Other Resources
The following pages may contain additional useful resources.
...
SQLServer Integrated Authentication
...