Edit online

Administration Page

includes a user-friendly Administration Page that helps you to configure your instance of . You can use this page to configure a variety of settings.

Administration Page Credentials

If you used the Linux, Windows, or All Platforms installation kits, the administration credentials are the ones configured during the initial setup.

If you used the Web Application Archive version, you need to configure the Administration Page credentials.

In a browser, open the page. You will be redirected to an admin credentials configuration page.
You need an initial password to set up the administrator account. It can be defined before starting the server by adding the OXYGEN_ADMIN_SETUP_PASSWORD environmental variable or by passing the oxygen.admin.setup.password system property. Otherwise, a password is randomly generated and can be found in the server logs.
Enter the initial password and the credentials that will be used to access the Administration Page.

Note:

The credentials are stored in the shiro-users.ini file located in the Oxygen Data Directory. The password is stored encrypted. For information about resetting the admin credentials, see Resetting Admin Credentials.

Accessing the Administration Page

To access the Administration Page, go to the following URL:

http://example.com:8080/oxygen-xml-web-author/app/admin.html

You can also access it from a link on the page, but this method is mainly intended for the initial setup.

How to Hide the Administration Page Link

You can hide the Administration Page link from regular users by deselecting the Show a link to the Administration Page option that is available in the Settings section of the Administration Page.

Administration Page Settings

You can click on any of the listed types of settings to access configurable options for each type. The Administration Page allows you to configure or view the following settings in the various links:

General

Change tracking initial state: Allows you the choose the initial state of the Change Tracking feature. You can choose between Stored in document, Always On, and Always Off.
Show content completion list when pressing Enter: This option is selected by default, which means that when a user presses the Enter key, the content completion popup window will be opened. If this option is not selected, the Enter key will work similar to the behavior in normal word processors, but the user will still have the ability to open the content completion list by pressing CTRL+Enter.
Show all possible elements in content completion list: When selected, the Content Completion Assistant includes all possible elements, including those that are invalid at the current location, but those proposals are rendered in a lighter shade of gray, italicized, and appear after the valid proposals.
Change editors without page reload: When enabled, documents can be loaded in the main editing area without refreshing the entire web page. If you have customized Web Author through plugins, there might be instances where a custom behavior does not work as intended without refreshing the page, so disabling this option provides a possible temporary solution until the plugin is updated to account for the changes added to Web Author functionality.
Logging: This section displays the location of the Log file or Config file that uses for logging purposes.
Options: This section displays the location of the Options file that uses for various default settings.

License

Displays licensing information and allows you to configure a license server connection. You can also configure a backup license server. To make changes to the main or backup license server configuration, click the Configure button and enter the new server information (URL, User, Password) on the subsequent page.

Plugins

Displays the various plugins for your and allows you to add and configure them. It also includes an Upload plugin button for adding new ones to the list. You can also click the Discover More Plugins link to open a webpage with a list of supported plugins.

Frameworks

Displays the various frameworks for your and allows you to add and configure them. It also includes an Upload framework button for adding new ones to the list.

Connection

Allows you to configure the proxy settings for .

Security

Provides options for handling security-related features:

Trusted Code

Trusted code locations: By default, Web Author does not load code (such as CSS or Schematron) referenced directly in documents unless it comes from the framework (document type association) or a plugin. However, you can specify code locations to be considered trusted by adding them (one per line) in the text area in this option.

Firewall

Allow All Connections: If selected, Web Author will allow connections to all hosts. You can select the Log each connection option to instruct Web Author to add information about each connection in the log file. If the logging is enabled, after a period of time, you can analyze the log file, compile a list of trusted hosts, and then limit the Web Author's connectivity to only the ones that you consider trusted.
Only allow connections to these trusted hosts: If selected, only connections to trusted hosts will be allowed. You can specify hosts to be considered trusted by adding them (one per line) in the text area in this option.

Content Security Policy (CSP)

Use CSP: If selected, the Content Security Policy (CSP) header is enabled. The Content Security Policy provides a standard HTTP header that allows website owners to declare approved sources of content that browsers should be allowed to load on that page. It helps to prevent cross-site scripting (XSS) and related attacks. For more information about the Content Security Policy, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP.
Use a Custom Policy: If selected, additional fields are revealed where you can use to configure you own custom security policy.

Tip:

For more security-related details, see Configuring Security Settings.