Using CleverPath Forest & Trees in a Web Environment: Required Internet Explorer Settings.

Document ID : KB000055534
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction

CleverPath Forest & Trees applications (*.FTV files) are executed in the Forest & Trees Runtime Option. When executing in a web browser environment, the Forest & Trees Runtime is hosted in the Forest & Trees Runtime ActiveX control (RC).

The RC, like any standard Win32 ActiveX control, is typically loaded on a web page by using an HTML OBJECT tag. The tag's CLSID attribute is used to uniquely identify the control by registry entry. The CODEBASE attribute is used to specify the URL of the control itself or a setup program for the control; if the control-or a specific version of the control-is not detected on the local machine, it is automatically downloaded and installed. The PARAM attribute (or Javascript or VBScript) is used to set control properties; in the case of Forest & Trees, the RC ViewFile property is used to specify the URL of the particular Forest & Trees application to be loaded.

The following HTML fragment shows a typical example?

<object ID="FTW" Name="FTW"
classid="clsid:5FADE212-B755-11D1-BA39-00C04FD60C4B"
width="100%" height="100%"
codebase="http://myServer/FTWRT700.EXE#Version=7,0,15">
<PARAM Name="ViewFile" Value = "http://myServer/myApps/dashboard.ftv">
</object>

These methods are described in more detail in the Forest & Trees Developer on-line help (lookup "web" in the index) and in the sample HTML files installed with the Forest & Trees Developer, in the folder named Runtime HTML Templates.

ActiveX controls can also be loaded directly, without the use of an HTML page, when the control is properly registered and supports certain properties. The RC also supports this method for displaying Forest & Trees applications in a web browser. This method will be used to load the Forest & Trees application when the user selects the FTV via Portal workplace, channel or library from a CleverPath Portal server that is not configured to use the Forest & Trees Content Handler.

Using these methods to download, install and load the RC to host Forest & Trees applications in a web browser requires multiple Microsoft Internet Explorer (IE) security settings to be enabled; these security settings are not enabled by default in most IE configurations. If these specific settings are not enabled, as described in the Configuring IE section at the end of this document, the user may see one or more of the following prompts:

imga

Configuring IE: Step by Step

Changing your Internet Explorer security settings in the manner described in this section may affect the behavior of other ActiveX controls and/or web sites. CA recommends that you review the proposed changes with your Security Administrator.

In a default installation, IE may not allow the RC or Forest & Trees applications to be loaded on a web page. CA recommends the following steps for configuring IE so that it will work well with Forest & Trees:

  1. Add to the IE Trusted sites zone the URL of the CleverPath Portal or other web server from which pages that reference the RC will be loaded.

    For example, if you normally access your portal by entering the following URL in the IE address bar:

    http://thePortal:8080

    ...then you would add the following to your IE Trusted sites zone:

    http://thePortal

    Note that any URL "below" a specified URL is also included in the Trusted sites zone, so in our example, http://thePortal/content/myApp would also be included in this zone.
    1. In IE, choose Tools>Internet Options? from the menu.
    2. In the Internet Options dialog, choose the Security tab.
    3. In the list of Web content zones, choose Trusted sites, then click the Sites... button.

      imgb

    4. In the Trusted sites dialog, enter the URL and click the Add button.

      The changes you will make to the security settings for the Trusted Zone will affect all of the web sites included in this list; if other web sites were already included in this list, you should consult with your Security Administrator to verify the proposed changes will not adversely affect the behavior of these other sites.

      imgc

      This action may require that you first disable the Require server verification... setting as shown above if the URL you are adding uses the http protocol. This setting can be re-enabled if desired after the appropriate URLs have been added to the list of sites.
    5. Close the Trusted sites dialog by clicking the OK button.

  • Configure the security settings for the Trusted sites zone to allow the RC to be installed and Forest & Trees applications to be loaded.
    1. In the Internet Options dialog, in the Security tab, choose Trusted sites in the list of Web content zones, then click the Custom Level... button.

      CA recommends that the described security level changes should only be made to the Trusted sites zone, never to the Internet zone; be sure you have selected Trusted sites in the list of zones, as shown below, prior to choosing Custom Level.

      imgd

      In the Security Settings dialog, you will change the security settings under ActiveX controls and plug-ins to Enable as described below.

      imge

    2. Using the Forest & Trees 7.0 Runtime Websetup executable to install the RC requires the Download signed ActiveX controls security setting to be enabled (because CA signed the Forest & Trees 7.0 Runtime Websetup exe with a Verisign certificate). Forest & Trees 6.51 or earlier versions require the Download unsigned ActiveX controls setting to be enabled (because CA did not sign the Forest & Trees Runtime Websetup execuatable prior to 7.0).

      imgf

      Enabling these security settings is also required if the Forest & Trees Runtime setup has been re-packaged using third-party tools such as PackageForTheWeb, WinZip Self-Extractor, etc. Forest & Trees application developers often do this re-packaging in order to create a silent (non-interactive) install and/or to insure their required set of Forest & Trees components is installed. Part of this repackaging process may include signing the resulting executable using their own Verisign certificate.
    3. Loading of any ActiveX control on a web page-after a one-time download (installation) of the control has been completed-requires the IE security setting Run ActiveX controls and plug-ins to be enabled.

      imgg

    4. Loading an Forest & Trees application requires the security settings Initialize and script ActiveX controls not marked as safe to be enabled.

      imgh

      After these settings have been enabled, navigating to any page that includes references to Forest & Trees applications should correctly load and display those Forest & Trees applications without any of the IE messages described at the beginning of this document. IE will indicate the current site is a member of the Trusted sites zone in the status bar of the IE frame:

      imgi

      Additional sites that use the RC can be added to the Trusted sites zone by repeating step 1 above for each site.