Version 3 - Reviewed: November 7, 2023
The TariffShark application server is distributed in a zip file. A filed named Installer.Web.config
is included within the zip and should be used as the starting point for creating your own web.config
file. The web.config
file is required on the application server and contains the customizable configuration settings for TariffShark.
The TariffShark application server installation guide and comments within the Installer.Web.config
file do a good job of describing the configuration options, but this article goes into a bit more depth. Note that not every web.config
setting is documented here. This article describes the configuration options that customize how TariffShark works.
Category | web.config key | Description | Default Value |
---|---|---|---|
Mail Settings | When a new User is created and when a user forgets his password, the system must be able to send the user a temporary password, which is done via email. Mail Settings must be configured or users will not receive their passwords. | ||
Mail Settings | <mailSettings> |
Configure this web.config element to enable TariffShark to send email. |
<smtp from="" deliveryMethod="Network"> <network host="" port="25" enableSsl="true" /> </smtp> |
Security | A one-time handshake must be made between a TariffShark client and a TariffShark application server. We call this "server registration". Among other things, the process returns unique encryption keys to the client machine (this is a security measure). In order to protect a TariffShark application server from accepting random registration requests, a secret key must be supplied by the user when registering and unregistering. | ||
Security | RegisterSoftwareClientSecretKey |
Password used for registering and unregistering TariffShark clients | <none> |
Password Reset | Password Reset settings define the rules that apply to creating and resetting passwords. | ||
Password Reset | Password.Reset.Duration |
Defines the lifespan (in minutes) during which password reset codes are valid | 30 |
Password Policy | Password Policy settings define the rules for acceptable user-created passwords. | ||
Password Policy | Password.Policy.ErrorMessage |
Error message to notify user of password not adhering password policy | Passwords must be between 8 and 16 characters in length and contain at least one uppercase letter, one lowercase letter, and one digit. The following special characters are valid but not required: !@#$%^*-_=+? |
Password Policy | Password.Policy.MinLength |
Minimum password length | 8 |
Password Policy | Password.Policy.MaxLength |
Maximum password length | 16 |
Password Policy | Password.Policy.RequireUppercaseMin |
Minimum number of upper case letters required | 1 |
Password Policy | Password.Policy.RequireUppercaseMax |
Maximum number of upper case letters allowed | 99 |
Password Policy | Password.Policy.RequireLowercaseMin |
Minimum number of lower case letters required | 1 |
Password Policy | Password.Policy.RequireLowercaseMax |
Maximum number of lower case letters allowed | 99 |
Password Policy | Password.Policy.RequireDigitsMin |
Minimum number of numeric digits required | 1 |
Password Policy | Password.Policy.RequireDigitsMax |
Maximum number of numeric digits allowed | 99 |
Password Policy | Password.Policy.RequireSpecialMin |
Minimum number of special characters required | 0 |
Password Policy | Password.Policy.RequireSpecialMax |
Maximum number of special characters allowed | 99 |
Password Policy | Password.Policy.SpecialCharset |
Valid special characters | !@#$%^*-_=+? |
Password Expiration Policy | Password Expiration Policy settings define the rules for password expiration. | ||
Password Expiration Policy | Password.Policy.ExpiresAfter |
A user account password expires after this number of days. | 0 (disabled) |
Password Expiration Policy | Password.Policy.ExpiresWarnWithin |
A user is notified that their password is soon-to-expire within this number of days of expiry. | 0 (disabled) |
Password Reuse Policy | Password Reuse Policy settings define the rules for allowable password reuse. | ||
Password Reuse Policy | Password.Policy.SavePreviousPasswords |
Do not allow a new password to match this number of previous passwords. | 0 (disabled) |
Account Lockout Policy | Account Lockout Policy settings define the rules for user account lockout. | ||
Account Lockout Policy | Lockout.Policy.FailedLogins |
A user account becomes locked after this number of consecutive failed log in attempts. | 5 |
Account Lockout Policy | Lockout.Policy.Duration |
A locked user account is locked out for this number of minutes. | 10 |
Filing XML Generation Mode | [Tiger Only; deprecated in Release 5.3] For the Tiger release, XML generation was rewritten to be more efficient and require fewer resources. With this key you may choose whether XML generation is performed using the Tiger method or the previous Hammerhead method. | ||
Filing XML Generation Mode | GenerateFilingXMLMode |
When this optional web.config key is present and set to hammerhead , the application server uses the legacy Hammerhead algorithm for generating Filing XML. Otherwise, the more efficient Tiger algorithm is used.
|
tiger |
Production Server | [Tiger Only] A server can be designated as a production server (or non-production). | ||
Production Server | AllowSetIsProduction |
When this optional web.config key is present and set to true , the application server's SetProduction web handler is enabled and may be used to designate a TariffShark server as either production or non-production. Learn more here.
|
true |
Session | |||
Session | SessionExpiresMinutes |
If no activity is detected between TariffShark client and the server, user is logged out | 60 |
Exceptions | Exception settings configure the logging of exceptions that occur on the application server. | ||
Exceptions | Exceptions.LogToEventLog |
Log exceptions to Windows Event Log | True |
Exceptions | Exceptions.LogToDatabase |
Log exceptions to TariffShark database | False |
Exceptions | Exceptions.LogToEmail |
Log exceptions via email | False |
Exceptions | Exceptions.LogToEmail.From |
When logging exceptions via email, send from this email address | <none> |
Exceptions | Exceptions.LogToEmail.To |
When logging exceptions via email, send to this email address | <none> |