CleverPath Forest & Trees applications (*.FTV files) are executed in the Forest & Trees Runtime Option. When executing in a web browser environment, the Forest & Trees Runtime is hosted in the Forest & Trees Runtime ActiveX control (RC).
The following HTML fragment shows a typical example?
<object ID="FTW" Name="FTW"
<PARAM Name="ViewFile" Value = "http://myServer/myApps/dashboard.ftv">
These methods are described in more detail in the Forest & Trees Developer on-line help (lookup "web" in the index) and in the sample HTML files installed with the Forest & Trees Developer, in the folder named Runtime HTML Templates.
ActiveX controls can also be loaded directly, without the use of an HTML page, when the control is properly registered and supports certain properties. The RC also supports this method for displaying Forest & Trees applications in a web browser. This method will be used to load the Forest & Trees application when the user selects the FTV via Portal workplace, channel or library from a CleverPath Portal server that is not configured to use the Forest & Trees Content Handler.
Using these methods to download, install and load the RC to host Forest & Trees applications in a web browser requires multiple Microsoft Internet Explorer (IE) security settings to be enabled; these security settings are not enabled by default in most IE configurations. If these specific settings are not enabled, as described in the Configuring IE section at the end of this document, the user may see one or more of the following prompts:
Configuring IE: Step by Step Changing your Internet Explorer security settings in the manner described in this section may affect the behavior of other ActiveX controls and/or web sites. CA recommends that you review the proposed changes with your Security Administrator.
In a default installation, IE may not allow the RC or Forest & Trees applications to be loaded on a web page. CA recommends the following steps for configuring IE so that it will work well with Forest & Trees:
- Add to the IE Trusted sites zone the URL of the CleverPath Portal or other web server from which pages that reference the RC will be loaded.
For example, if you normally access your portal by entering the following URL in the IE address bar:
...then you would add the following to your IE Trusted sites zone:
Note that any URL "below" a specified URL is also included in the Trusted sites zone, so in our example, http://thePortal/content/myApp would also be included in this zone.
- In IE, choose Tools>Internet Options? from the menu.
- In the Internet Options dialog, choose the Security tab.
- In the list of Web content zones, choose Trusted sites, then click the Sites... button.
- In the Trusted sites dialog, enter the URL and click the Add button.
The changes you will make to the security settings for the Trusted Zone will affect all of the web sites included in this list; if other web sites were already included in this list, you should consult with your Security Administrator to verify the proposed changes will not adversely affect the behavior of these other sites.
This action may require that you first disable the Require server verification... setting as shown above if the URL you are adding uses the http protocol. This setting can be re-enabled if desired after the appropriate URLs have been added to the list of sites.
- Close the Trusted sites dialog by clicking the OK button.
- Configure the security settings for the Trusted sites zone to allow the RC to be installed and Forest & Trees applications to be loaded.
- In the Internet Options dialog, in the Security tab, choose Trusted sites in the list of Web content zones, then click the Custom Level... button.
CA recommends that the described security level changes should only be made to the Trusted sites zone, never to the Internet zone; be sure you have selected Trusted sites in the list of zones, as shown below, prior to choosing Custom Level.
In the Security Settings dialog, you will change the security settings under ActiveX controls and plug-ins to Enable as described below.
- Using the Forest & Trees 7.0 Runtime Websetup executable to install the RC requires the Download signed ActiveX controls security setting to be enabled (because CA signed the Forest & Trees 7.0 Runtime Websetup exe with a Verisign certificate). Forest & Trees 6.51 or earlier versions require the Download unsigned ActiveX controls setting to be enabled (because CA did not sign the Forest & Trees Runtime Websetup execuatable prior to 7.0).
Enabling these security settings is also required if the Forest & Trees Runtime setup has been re-packaged using third-party tools such as PackageForTheWeb, WinZip Self-Extractor, etc. Forest & Trees application developers often do this re-packaging in order to create a silent (non-interactive) install and/or to insure their required set of Forest & Trees components is installed. Part of this repackaging process may include signing the resulting executable using their own Verisign certificate.
- Loading of any ActiveX control on a web page-after a one-time download (installation) of the control has been completed-requires the IE security setting Run ActiveX controls and plug-ins to be enabled.
- Loading an Forest & Trees application requires the security settings Initialize and script ActiveX controls not marked as safe to be enabled.
After these settings have been enabled, navigating to any page that includes references to Forest & Trees applications should correctly load and display those Forest & Trees applications without any of the IE messages described at the beginning of this document. IE will indicate the current site is a member of the Trusted sites zone in the status bar of the IE frame:
Additional sites that use the RC can be added to the Trusted sites zone by repeating step 1 above for each site.